Mar 1, 2009

Announcing the Brucon Keynote speaker



Lifting a tip of the curtain. The Brucon Crew is proud to announce Christofer Hoff as it's first speaker.

Bio:
Christofer Hoff has over 15 years of experience in network and information security architecture, engineering, and operations. Hoff's expertise is focused on developing strategies for innovation in the area of information assurance, resilience, and rational risk management.

He is a prolific blogger (rationalsecurity.typepad.com), a featured speaker at numerous information security conferences, holds several security credentials and is an accomplished and accredited instructor in multiple security disciplines.

Title:
Cloudifornication - Indiscriminate Information Intercourse Involving Internet Infrastructure

Abstract:
What was in is now out.

This metaphor holds true not only as an accurate analysis of adoption trends of disruptive technology and innovation in the enterprise, but also parallels the amazing velocity of how our datacenters are being re-perimiterized and quite literally turned inside out thanks to Cloud computing and virtualization.

One of the really scary things happening with the massive convergence of virtualization and cloud computing is its effect on security models and the information they are designed to protect.

Where and how our data is created, processed, accessed, stored, backed up and destroyed in what is sure to become massively overlaid cloud-based services -- and by whom and using whose infrastructure -- yields significant concerns related to security, privacy, compliance and survivability.

Further, the "stacked turtle" problem becomes incredibly scary as the notion of nested clouds becomes reality: cloud SaaS providers depending on Cloud IaaS providers which rely on Cloud network providers. It's a house of, well, turtles.

This "infrastructure intercourse" where your resources and data can be located anywhere makes it very interesting to try and secure your assets when you don't own the infrastructure and in most cases can't control the level of security.

We will show multiple cascading levels of failure associated with relying on cloud on cloud infrastructure and services including exposing flawed assumptions and untested theories as it relates to security, privacy and confidentiality in the Cloud with some unique attack vectors.
------

The Call for papers is still open. If you are interested to do a training or a presentation at BruCON, please submit an abstract.

No comments:

Post a Comment