Cloud for Defence
description
Transcript of Cloud for Defence
| Apr 21, 2023 | Mick Symonds | Managed Services |1Your business technologists. Powering progress © Confidential
Mick Symonds21 Apr 2023
Cloud for DefenceMick Symonds
| Apr 21, 2023 | Mick Symonds | Managed Services |2
Clouds and NATO: NIAG study
▶ Earlier this year, Atos took part in a NIAG Study Group for NATO, looking at the suitability of Cloud Computing
| Apr 21, 2023 | Mick Symonds | Managed Services |3
Summary of NIAG Study conclusions
▶ Cloud does have some attractive attributes, which could be of selective value
▶ There could be opportunities in Cloud when restructuring and reorganising ▶ The current NATO orientation around ownership of particular “boxes” is an
obstruction▶ And the transfer over to dependence on services is thus a significant
inhibitor
| Apr 21, 2023 | Mick Symonds | Managed Services |4
Long-term service trend
| Apr 21, 2023 | Mick Symonds | Managed Services |5
» And to support those, there are the Cloud Computing facilities used to deliver those services
Cloud, Cloud Services and Cloud Computing
» Cloud Services underlie and support that concept
» Cloud is a word very much hyped and in fashion but used very loosely
| Apr 21, 2023 | Mick Symonds | Managed Services |6
Why you might want to use Cloud
▶ Cloud in general:– full mobility, Web 2.0, social media, real-time
web, SOA, electronic ticketing and payments, etc., etc.
– you can access “your stuff” from wherever you are, using whatever devices
▶ Cloud Services– facilities are provided by various suppliers to
enable you to do those things– often “for free”, subsidised by advertising, etc.– or just paid for per user or even “per tick”
▶ Cloud Computing– you don’t have to invest capital in data centres
full of servers and storage– you can just use as much or as little as you
need, on a pay-as-you-go basis
| Apr 21, 2023 | Mick Symonds | Managed Services |7
Definition – Cloud Service Models
▶ IaaS; IaaS involves the provision of the basic hardware and associated systems software: processing, storage and network access to and between them. It is made useable as a service by providing a portal for control and internet access
▶ PaaS; Platform is provided to allow people to build and deploy applications, usually but not always to run on top of IaaS and deliver a SaaS service. They are generally used at two stages of the lifecycle: to develop or enhance an application in the first place and then to provide a suitable run-time environment once it is built
▶ SaaS; There is a wide range of SaaS offerings, which provide access to a multi-tenant application, usually via a thin client or a web browser. It is essentially the same as the well-established concept of Application Service Providers (ASP’s)
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
e.g.: CRM, Email
e.g.: CPU, Storage Atos Cloud Infra. ServicesAmazon.com
Google Apps, Force.com,Microsoft Azure
Salesforce.com
e.g.: LAMP, .net, database, Message Queue, API,
Application Server
| Apr 21, 2023 | Mick Symonds | Managed Services |8
How Cloud Computing is delivered
▶ IaaS
» PaaS
» SaaS
» “… In reality, the cloud is giant buildings full of computers and diesel generators … There’s not really anything white or fluffy about it.”
» Mike Manos(Former Microsoft data centre manager
speaking to the New York Times)
» “… In reality, the cloud is giant buildings full of computers and diesel generators … There’s not really anything white or fluffy about it.”
» Mike Manos(Former Microsoft data centre manager
speaking to the New York Times)
» IaaS
| Apr 21, 2023 | Mick Symonds | Managed Services |9
So, what’s stopping organisations going to Cloud?
▶There are scare stories about:– security– legal compliance– service levels – governance– interoperability– scalability
(yes, really)– and ...
| Apr 21, 2023 | Mick Symonds | Managed Services |10
... turkeys and Christmas
▶ “Cloud is the new outsourcing”, according to Gartner
▶ and some IT Managers are not yet ready to give up their empires
| Apr 21, 2023 | Mick Symonds | Managed Services |11
Location, location, location
▶ One of the key attributes of Cloud is supposed to be location independence– You have no idea where your data actually
is▶ But there are strict controls over personal and
other sensitive data within the EU– And it needs to remain in a particular
jurisdiction▶ Most major Cloud providers are American
– Although some are opening European data centres (e.g. in Dublin)
▶ They are therefore subject to the American Patriot Act– Giving American government agencies
access to the data, wherever it is held▶ There are thus concerns raised within the NL
Government
| Apr 21, 2023 | Mick Symonds | Managed Services |12
So, what is the solution
▶ Various means of providing “the best of both worlds” are being worked on▶ European Cloud 2020:
– An initiative, spearheaded by ESA and CERN, with the support of the EC, to develop a major European Cloud capability
▶ Open Data Center Alliance:– A customer-led organisation to define standards for cloud services and how
they are used, to make the decision as to which provider to use more open and flexible
▶ The concept of Private and Community Clouds:– Which can be used by one large organisation: e.g. government agencies– Or those within a particular sector, with common compliance and security
concerns: e.g. finance, healthcare, defence, …
| Apr 21, 2023 | Mick Symonds | Managed Services |13
Security and Identity Services
▶ There are risks related to cloud computing▶ Your data is hiding somewhere, but you don’t know where exactly▶ Your data is neighbouring the data of many others, which makes it attractive to
hackers▶ Cloud environments are ever more being used as a launching platform for:
– DDOS (Distributed Denial Of Service) attacks– Botnet attacks
▶ Just like any other organisation, cloud providers are not excluded from insider threats either
▶ Through virtualization malware can ‘leak’ to your data▶ Browsers and mobile devices belong to the most vulnerable IT components and
are, hence, popular targets of hackers
| Apr 21, 2023 | Mick Symonds | Managed Services |14
Security and Identity Services
▶ Here are some measures you can take▶ You need to learn about the security controls of your cloud provider. Use your
own policies and procedures as a reference▶ Make clear agreements with your cloud provider about ownership, protection
and deletion (at the end of the contract) of your data▶ Encrypt your sensitive data where possible▶ Protect your client applications and mobile devices. Have these included in your
security programs▶ There are some very fancy identity management technologies available – based
on open standards - which are worthwile to evaluate:– SAML (Security Assertion Markup Language): used for authentication– SPML (Service Provisioning Markup Language): used for account
management– XACML (eXtended Access Control Markup Language): used for fine-grained
authorization
| Apr 21, 2023 | Mick Symonds | Managed Services |15
A range of Infrastructure ServicesProcessing, storage and connectivity on a pay-per-use basis
TRADITIONAL
Traditional infrastructure
services
Cloud implemented for only one customer, on premises or in
Atos DC
Cloud based processing & storage, but hardware is
dedicated per customer
Dedicated connection
Shared multi-customer
environment
Dedicated connection or
Internet
DEDICATED CLOUD
PRIVATE CLOUD
SHARED CLOUD
Greater resource sharing and increased agility
Increased use of dedicated resources
Atos Sphere
Atos Sphere
Atos Sphere
Atos Sphere
Atos Sphere
Atos Sphere
Shared enterprise and
consumers environment
Only Internet connection
PUBLIC CLOUD
| Apr 21, 2023 | Mick Symonds | Managed Services |16
www.atos.net
Your business technologists. Powering progress © Confidential
Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud and Atos WorldGridare registered trademarks of Atos SA. June 2011© 2011 Atos. Confidential information owned by Atos, to be used by the recipient only. This document, or any part of it, may not be reproduced, copied, circulated and/or distributed nor quoted without prior written approval from Atos.
startslide.ppt
Mick SymondsPrincipal Solutions Architect/Loose Cannon AtosB.5.L08, Papendorpseweg 93, 3528 BJ Utrecht The [email protected] +31 651 755 779