Hear from IT leaders, industry experts and developers at the defining event that brings together the entire cloud computing community.
Director of Security Solutions, Intel Corporation
Steve Orrin is the Director of Security Solutions at the Intel Corporation and a regular speaker at nationally recognized conferences on Security, Privacy, and Web Services topics. Previously Orrin served as Chief Security Officer of Sarvega, Inc., (acquired by Intel, inc.) a computer and network security startup which deployed the world's first XML appliance in production in 2001. Prior to his work at Sarvega, Orrin was vice president of security and technology at Watchfire, Inc. responsible for the product development of Watchfire's web application security and privacy software product lines. He has also acted as CTO of Sanctum, a pioneer in Web application security testing and firewall software. Steve was also CTO and co-founder of LockStar Inc., a provider of end-to-end security and web services solutions designed to help organizations deploy web-enabled legacy applications for ebusiness. Steve co-founded LockStar after he left SynData Technologies, Inc. where he was CTO and chief architect of its desktop email and file security product. A recognized expert and frequent speaker on enterprise security, he has developed several patent-pending technologies covering user authentication, secure data access and steganography and has one issued patent in steganography. Steve is a member of several leading industry organizations and is published in several scientific and medical journals. Steve holds an honors degree in research biology from Kean University.
A significant issue for enterprises moving to private or public clouds is how to trust their provider and its infrastructure with their sensitive workloads. Customers need the ability to assess security standards, trust security implementations, and prove infrastructure compliance to auditors. For business decision managers, considering private clouds that leverage the cost efficiency of virtualization to increase the quality of service to the business is paramount. This session will describe technologies and capabilities that provide reporting on the configuration of the virtual infrastructure used by the customer VMs and tie this to a verifiable measurement of trust in the hardware and hypervisor. This allows customers to be sure the provider is following security best practices, can pass a regulatory audit, and be assured that the provider’s platforms are booting from a secure root of trust, protected from root-kits and other malware. We will describe the hardware and software methods by which these measurements, configuration of the virtual infrastructure, and events reported by the infrastructure are used to generate dynamic and detailed compliance reports that can be used by service providers, auditors, and customers.
The panel session will tackle the topic of Private vs. Public Clouds. The panelists will provide insights into the differing challenges of securely deploying and managing applications and workloads into these cloud architectures as well as the unique security obstacles associated with migrating to, from and across Private and Public Clouds. We will take questions from the audience and will provide opinions and guidance for addressing the risks and stumbling blocks.