Date: November 6 , 2009
Speaker: Jesper Johansson, Amazon
Topic: Social Aspects of Security and Part 2 on Cloud Computing
Lately there has been an increase in attackers attempting to monetize user's naivety. One of the methods currently in vogue is the use of fake anti-malware software, for which the user is expected to pay. This method permits the attackers to not only install malicious software on an unsuspecting user's computer, the victim also pays the attackers for the privilege. In this presentation, Jesper Johansson will demonstrate one such attack and show how to tell that it is fake.
Throughout the history of computing, there has always been a buzzword of the day. We have all seen “end-user computing”, “Client-server”, “Web 2.0”, “Service Oriented Architectures,” and, of course, who can forget “XML”, “Java”, and “Extranet.”
Today's buzzword is “Cloud Computing.” Some people, notably Larry Ellison, claim Cloud Computing is nothing more than “a computer attached to a network.” While that is obviously correct, in the simplest sense of the word, Cloud Computing has one very important facet: you only buy what you need. Cloud Computing allows you to scale your network almost infinitely, while you need it, and then turn it all off and not pay for it. For example, Harvard Medical School uses Amazon's EC2 service to process millions of genetic tests, without having to purchase datacenters and software licenses to do so. The Washington Post used the same service to process Hillary Clinton's official white house schedule, a task requiring almost two months of compute time, in just over one day, at a cost of under $150.
Clearly, while Ellison is correct, there are some fundamental differences between cloud computing and just hooking a computer up to a network. In this session, Jesper Johansson will lead a discussion on not only research areas surrounding Cloud Computing, but also how to leverage Cloud Computing to perform research.
Jesper M. Johansson is Principal Security Architect for a well-known Fortune 200, working on risk-based security vision and security strategy. He is also a contributing editor to TechNet Magazine. His work consists of ensuring security in some of the largest, most distributed systems in the world. He holds a Ph.D. in Management Information Systems, has more than 20 years experience in security, and is a Microsoft Most Valuable Professional (MVP) in Enterprise Security. His latest book is the Windows Server 2008 Security Resource Kit.