Introducing the Skylab Community Project

Last week I attended SecureCloud 2010 in Barcelona, a conference dedicated to cloud computing and security, organised by the Cloud Security Alliance, ENISA, ISACA and IEEE.

This proved to be an excellent opportunity for deep dive conversations with others heavily involved with cloud security, both providers and users.

The conference was well run – particularly for a first time out. The presentations were a mixed bunch, which I felt reflected:

  • the on-going open interpretation of the term “cloud” (and a few who insisted on muddying the waters by referring to traditional web hosting providers as “cloud providers” – eek!)
  • the different stages that people are at with their understanding of cloud computing and security and
  • the wide diversity of speakers present (a healthy thing in my book)..

I’m very glad I attended and was able to present the kick-off to Project Skylab.

A number of readers asked if the presentations would be recorded and made available to non-attendees. Unfortunately, they were not, so I’ve recorded the “home edition” version of my talk and make it available here.

The Skylab Project is aimed at IT and IT security professionals that are “cloud curious” and want to get their hands dirty in a relatively safe way (i.e. no business data involved). You could say its for the hobbyist security geek. This talk sets out the concept, design goals and plans for Project Skylab. Hence, this presentation is not about “cloud security” per se or “securing the cloud”. At most its about delivering a security related service (an demand security test lab) from the cloud. Check out my other cloud computing and security presentations if you’re looking for coverage of cloud security challenges.

Important notes:

  • this is the “kick-off” of Skylab – not the “solution” stage (!)
  • if you’re an old hand with IaaS services (including cloud overlay networks), I doubt you’ll learn anything new about cloud.

I plan to develop Skylab on an on-going basis. I’m also encouraging others to contibute their ideas (with full credit of course).

Finally, I’ve applied to speak at Brucon 2010 in September. If my application is successful I will present the first tried and tested incarnation of Skylab.

Please let me know if you enjoy this video (or not!) as this is the first time I’ve tried this. I welcome your feedback.

I’d like to thank Jim Reavis and his team for the excellent logistical support throughout the conference, along with the SecureCloud presentation committee for inviting me to speak.

Cheers,
Craig

P.S cloudsecurity.org now has a forum dedicated to discussions about cloud computing and security. There is also a dedicated board for Project Skylab communication.

Written on March 24, 2010 by Craig Balding
Stay up to date! Subscribe by RSS or email