The security of cloud computing is a major topic at the conference, with 15 separate sessions dedicated to all aspects from cloud-based security services to identity management to legal implications.
And if the multitude of sessions at RSA isn't enough, within walking distance at a location nearby, the Jericho Forum, a user-based advocacy organization dedicated to driving improvements to security for e-commerce, will be holding its own mini-conference.
The Jericho Forum will be putting its spin on the security of cloud computing with the perhaps surprising belief that using a cloud can actually be more secure than running applications and databases out of corporate data centers.
The Jericho Forum doesn't believe that is the case today, but the potential for that level of security exists and should be pursued, says Adrian Seccombe, a member of the Jericho Forum Board of Management.
Working on a secure architecture now while cloud services are still evolving is key, he says; security can't be added later and be effective.
Essential to that architecture is the ability to wrap data up as objects that can be assigned a security value. Access to and treatment of these objects would then depend on the objects themselves rather than cloud infrastructure, Seccombe says. "The data knows who it should operate with," he says.
The conference will kick off Monday with a few focused tutorials, one being with the Trusted Computing Group (TCG), an industry organization that has designed several security specifications intended for use across vendor boundaries.
One of TCG's most important efforts has been the Trusted Platform Module (TPM) for hardware-based encryption capabilities. Joe McGinley, manager of global software security architecture at Diebold, a maker of Automated Teller Machines, will be on hand to describe how Diebold has added TCG's Trusted Platform Module, used with Wave Technologies management software, for public-key encryption security in today's automated teller machines.
"People try to spoof the cash dispenser all the time," McGinley notes, adding that Diebold's ATM, mostly based on the XP operating system, includes not just the TPM hardware but Symantec firewalling, host-based intrusion prevention and antivirus protections as well.
Ad Choices