Download - Segurança e Cloud Computing
![Page 1: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/1.jpg)
Instituto de Inovação com TIC
Inovação é a gente!
Segurança e Cloud
Computing
![Page 2: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/2.jpg)
Agenda
• Breve Histórico e Definição;
• Desmistificação da Cloud Computing;
• Segurança na Cloud Computing;
• Exemplos/Cases.
![Page 3: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/3.jpg)
BREVE HISTÓRICO E DEFINIÇÃO
![Page 4: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/4.jpg)
Tendência em TI
Google Trends
![Page 5: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/5.jpg)
Cloud != Virtualização
![Page 6: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/6.jpg)
Abstração
![Page 7: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/7.jpg)
Cloud Computing
![Page 8: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/8.jpg)
Definição
• Cloud computing é um modelo que permite acesso ubíquo, conveniente, sobre demanda, para a rede ou a um pool de recursos computacionais (rede, storage, servidor, aplicações, serviços) que podem ser rapidamente provisionados e disponibilizados com um esforço mínimo de gerenciamento do provedor de serviços.
http://csrc.nist.gov/groups/SNS/cloud-computing/
![Page 9: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/9.jpg)
DESMISTIFICAÇÃO
![Page 10: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/10.jpg)
Cloud Computing
• Abstração de recursos;
• Sob demanda;
• Elasticidade;
• APIs;
• as a Service (aaS).
![Page 11: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/11.jpg)
Camadas da Cloud
www.opengroup.org/jericho/cloud_cube_model_v1.0.pdf
![Page 12: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/12.jpg)
Cloud Security
![Page 13: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/13.jpg)
SEGURANÇA
![Page 14: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/14.jpg)
SSL/TLS não é a solução para tudo
![Page 15: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/15.jpg)
Nem se esconder atrás de contratos
![Page 16: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/16.jpg)
Etapas
• Secure Software Developtment Life Cycle (SDLC)
• Autenticação
• Access Management
• Pen-test
• Monitoramento
• Trusted Computing
• Auditoria
![Page 17: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/17.jpg)
Secure SDLC
![Page 18: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/18.jpg)
Autenticação
![Page 19: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/19.jpg)
Access Management
![Page 20: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/20.jpg)
Pen-Test
![Page 21: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/21.jpg)
Monitoramento
![Page 22: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/22.jpg)
Trusted Computing
• Memory curtaining
• Secure I/O
• Sealed storage
• Remote attestation
![Page 23: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/23.jpg)
Auditoria
![Page 24: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/24.jpg)
EXEMPLOS/CASES
![Page 25: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/25.jpg)
Exemplos / Cases
• iCloud;
• Dropbox;
• Amazon DynamoDB (beta);
• Gerenciador de senhas Win8;
• vnube.
![Page 26: Segurança e Cloud Computing](https://reader031.vdocuments.pub/reader031/viewer/2022020720/54969cedb479593d4d8b4fe2/html5/thumbnails/26.jpg)
Quanto tempo temos?
176 páginas
https://cloudsecurityalliance.org/