Information

Date:
17.04. - 20.04.2012
Location:
Munich, Germany
Registration fee:
€1695.00
Contact person:

Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com





Cloud Computing

If you are responsible for defining cloud strategies and/or involved in projects around Cloud Computing, especially with focus on security, track 2 will deliver the answers you are looking for. Learn how to not only move to the cloud but to mitigate cloud (security) risks and build your secure, hybrid environment making real value of Cloud Computing.

Moderation:

Wednesday, 18.04.2012
08:00-18:00 Check-in & Registration
08:30-09:00 tba
Prof. Dr. Eberhard von Faber, T-Systems
09:00-09:30 Securing Critical Banking Infrastructures in the Age of Cyber Warfare
Dr. Waldemar Grudzien, Association of German Banks
09:30-10:00 tba
Berthold Kerl, Deutsche Bank AG
10:00-10:30 Coffee Break, Expo Area
Dr. Laurent Liscia Prof. Dr. Sachar Paulus Cloud Computing Audit
Moderator:
Dr. Laurent Liscia, OASIS
Prof. Dr. Sachar Paulus, KuppingerCole
10:30-11:30 Cloud Audit
OASIS Cloud Audit Panel I
Dr. Laurent Liscia, OASIS
John Sabo, CA Technologies
11:30-12:30 Cloud Audit
OASIS Cloud Audit Panel II
Dr. Laurent Liscia, OASIS
John Sabo, CA Technologies
12:30-14:00 Lunch Break, Expo Area
Mike Small Cloud Identity & Access
Moderator:
Mike Small, KuppingerCole
14:00-15:00 Cloud Information Security
The Cornerstones of Information Security in the Cloud
Craig Burton, KuppingerCole
Extending your Identity & Access Management into the Cloud
Gerry Gebel, Axiomatics Americas
Dr. Barbara Mandl, Daimler AG
Prabath Siriwardena, WSO2

Identity management across multiple SaaS (software-as-a-Service) applications as well as on-premise systems is a challenge to most enterprises. Challenges in Identity Management in the cloud, simply goes beyond how we do authentication, authorization and auditing right. Cross domain authentication, provisioning, interoperability, multi-tenancy, delegation and security are few challenges to name. The best way to preserve interoperability is to adhere to open standards. Lots of proprietary standards came a long way, but at the time they felt a larger audience is needed and interactions with other systems, those became open standards. SAML2 Web SSO, OpenID, OAuth are some popular open standards, widely used across many cloud providers for authenticating users while facilitating identity portability. WS-Trust, WS-Federation used to cater the same aspect while dealing with systems. XACML is another open standard, which is considered to be the de-facto standard for authorization. It facilitates fine-grained authorization in a policy driven manner. Provisioning is also an important aspect in a cloud identity management system. SPML failed to be the de-facto standard for provisioning due to its heavyweight nature and being bias to SOAP. The latest emerging standard for provisioning is SCIM, which is still in progress at the specification level, but looks promising.

15:00-16:00 Simple Cloud Identity Management (SCIM)
Patrick Harding, Ping Identity
Kurt Johnson, Courion Corporation
Darran Rolls, SailPoint
16:00-17:00 Coffee & Networking, Expo Area
17:00-18:00 Eyes Wide Shut? Seven Cloud-Computing Security Sins and how to Control them
Mike Small, KuppingerCole

Cloud computing provides an opportunity for organizations to optimize the procurement of IT services from both internal and external suppliers However - many organizations are sleepwalking into the Cloud. Moving to the cloud may outsource the provision of the IT service, but it does not outsource responsibility. This session will look at the issues that may be forgotten or ignored when adopting the cloud computing.

These include:

  • Ensuring legal and regulatory compliance
  • Assuring data security
  • Ensuring business continuity
  • Avoiding lock in
18:00-18:20 tba
André Durand, Ping Identity
18:20-18:40
18:40-21:00 European Identity Awards Ceremony & Buffet Dinner

Thursday, 19.04.2012
08:00-18:00 Check-in & Registration
08:30-09:00 How Identity Management and Access Governance as a Service make your Cloud Work and your Business more Agile
Ralf Knöringer, Atos IT Solutions and Services GmbH

Identity and access management has evolved from the needs of large organizations and international operating enterprises. Automated user and entitlement management enabled the IT organizations to reduce costs and increase efficiency.

Today, legal and regulatory compliance dominates the deployment of identity and access management solutions. The level of control therefore follows the risk exposure and the transparent risk taking of the business owners. Identity and access governance with comprehensive analysis and reporting functionalities ensure transparency of rights, roles and entitlements.

Customers demand modular and service-oriented offerings managing identity and access for on-premise environments and cloud infrastructures.

Enterprise customers and service providers benefit from perimeter-less security services like cloud SSO and entitlement services for mixed environments (on-premise, private, public and hybrid cloud). This key note will present a look on existing and future scenarios.

09:00-09:30 tba
Prof. Dr. Kai Rannenberg, Goethe University in Frankfurt
09:30-10:00 Trust and Complexity in Digital Space
Dr. Jacques Bus, Digital Enlightenment Forum

The concepts of trust and security are deeply embedded in our society and are therefore strongly affected by the societal transformation caused by the digitization. Societal and technical change is strongly influenced by the growing complexity of society related to the emergence of easy worldwide communication, the Web and mass data collection. In this paper I discuss security and trust as fundamental drivers for self-organizing communities in our society. I highlight the concepts of trustworthy technology and trust in the societal context, as well as the difference between accepting technology and trusting technology. An important observation is that a complex system cannot be fully understood through reductionism. The discussion leads to some cautious conclusions on future actions.

10:00-10:30 Coffee & Networking, Expo Area
Mike Small Cloud Security
Moderator:
Mike Small, KuppingerCole
10:30-11:30 Trustworthy Cloud
Providing and Maintaining a Secure Cloud Infrastructure - from Planning to Administration
Henning Arendt, @bc - Arendt Business Consulting
Prof. Dr. Clemens Jochum, Goethe-University Frankfurt, House of Finance
Aljosa Pasic, Atos Research & Innovation
Mike Small, KuppingerCole

  • Trust Assumptions and Trustworthiness Assurance
  • Secure management of cloud components
  • Identity management requirements for both, critical infrastructure and privacy protection
  • Integrated Identitity management for administration personnel, maintenance personnel, hardware and autonomous systems, and software components.
11:30-12:30
12:30-14:00 Lunch Break, Expo Area
Mike Small Cloud Security
Moderator:
Mike Small, KuppingerCole
14:00-15:00 Cloud Resiliency
Protecting and Managing Critical Data in the Cloud
15:00-16:00 Cloud Service Termination
What you should know about Cloud Service Termination before you sign a Contract
16:00-16:30 Coffee & Networking, Expo Area
16:30-17:30 Cloud Multi-Tenancy
What you should know about the different Types of Multi-Tenancy in Cloud-Services

Multi-tenancy - large numbers of customers using the same infrastructure, sharing the same application - this is how Cloud Computing has become so attractive and where its value proposition comes from. Looking behind the scenes we find out that there are different degrees of multi-tenancy with each of these degrees having their own advantages, disadvantages and - risks. This session will lead you through these different degrees and will evaluate the risks related to them.

17:30-18:00 Closing Keynote

« Return to the full agenda

© 2012 Kuppinger Cole