Cloud Forensics & Incident Response Cloud 2.0 - Cloud Security ...

Cloud Forensics & Incident Response Cloud 2.0

Who owns the Who owns WWW ? Who and/or what is a significant force behind the adoption of technology & innovation?

Who is responsible for ….?

The People’s Technology

Expert Forensic Panelists
Expert Witness and International Testimony

Moderator:
• Dr. Pamela Fusco, Vice President, BOD-ISSA, CISSP, CISM, CPP, CHS-III, AIM

Panelists:
• David Ostertag, Investigations Manager, Investigative Response, Verizon Business
• Wing Ko, Principal Architect & Security Officer at Maricom Systems Inc
• Keith Tagliaferri, Director of Operations, Tiversa, Inc (P2P Intelligence Expert)

Discussion Points
• Via our panel of experts:
– Recommended solutions
– Potential pitfalls and/or shortcomings
– Lessons learned
– Lessons yet to be discovered and learned
– Reference points (i.e. go to www.blahblah.com for additional information and/or potential info from industry experts)
– Discuss the future of cloud forensics and I/R
– Ensure we don’t create the “sky is falling…” persona; rather, present reality: pros, cons and potential solutions

Cloud Defined (Cloud 2.0)

“A model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

GSA Issuance of RFQ for Cloud Storage
• The General Services Administration (GSA) has issued a Request for Quotation (RFQ) for cloud storage, Web hosting, and VM services.
• The document is a preliminary step toward an online "storefront" to be used by federal agencies for ordering cloud computing services.

The RFQ (available on Scribd US Federal Cloud Computing Initiative-RFQ-GSA)
• Includes ground rules for cloud service providers to the U.S. government
• Noting: Federal agencies will retain ownership of data and applications hosted online
– Fed has full rights that can be exercised to obtain complete copies of data and/or apps at any time
– Cloud services are to be multi-tenant in architecture, able to be provisioned securely and remotely, scale elastically, reside within CONUS, and provide visibility into resource usage.

Almost Always Availability
• Per the RFQ, cloud service level agreements must provide for at least 99.95% availability
– (currently providers are servicing corporations via SLAs of 99.999% or 100.00% uptime)
– Vendors must take steps to secure services; trouble tickets and order management need to be able to be done via API
– Virtual machine services must allow live migration of workloads from one VM to another
– Web hosting services require Windows & Linux

The Graphic of the Federal Cloud Computing Framework
• GSA RFQ includes a breakdown of cloud computing into the following:
– cloud services
– user tools
– core foundational capabilities
– Sub-categories: SaaS, reporting and analytics
– Functional categories (i.e., email and order management)

Government as Early Adopter
• 3-D PHOTO MONTAGE: NASA is using Microsoft’s Photosynth technology to stitch multiple images of the International Space Station, Hubble telescope, and Mars rover vehicle into 3-D photo composites.
• IPV6 PROTOCOL: The Department of Defense is aggressively deploying next-generation IP across the military for larger address space and ability to support many more devices.
• ENTERPRISE SEARCH: In-Q-Tel, the investment arm of the U.S. intelligence community, is backing Lucid Imagination, a company providing commercial support for the Apache Lucene/Solr full-text search project.
• OPEN SOURCE REPOSITORY: The Defense Information Systems Agency’s Forge.mil site is modeled after the Source-Forge.com open source community site, providing a means for code sharing within the military.
• PUBLIC DATA SETS: The recently launched Data.gov site has begun providing a catalog and feeds of nonsensitive data collected by government agencies.
• XML CONTENT MANAGEMENT: The Army has created a Web-based battlefield command knowledge system using an XML server that serves as a repository of unstructured data.
• SOCIAL NETWORKING: Examples include the Air Force Research Lab’s Aristotle system for project planning, the U.S. Patent and Trademark Office’s Peer-to-Patent site for peer review, and the TSA’s Idea Factory for crowdsourcing.
• NETWORKED FIELD INTELLIGENCE: The Army is testing network technology that passes target and image data securely and in real time from vehicles, ground sensors, and launch systems to networked Humvees and central command.
• CLOUD COMPUTING: The Defense Information Systems Agency’s developing a computing cloud called Rapid Access Computing Environment; NASA is building an internal cloud based on Eucalyptus software.
• COGNITIVE COMPUTING: The Defense Advanced Research Projects Agency’s Personal Assistant that Learns employs machine learning to automate workplace tasks.
• DISRUPTION-TOLERANT NETWORKING: Asynchronous messaging technology used by NASA and the military to send data only if network paths are established.

P2P Encryption NOT
• Historically, Corporation XYZ noted that 40%-60% of malcode sources are located outside of the victimized firm’s organization, aka “e2”
– consists of employees working from home, suppliers, contractors, partners, agents, customers, attorneys, accountants, and malicious individuals who amass files on your organization.