Marco Casassa Mont - Web Page - HP Labs

Marco Casassa Mont at HP Labs
Senior Researcher
Cloud & Security Lab
Bristol, UK

SAaaS Demonstrator: Situational Awareness-as-a-Service

In the context of the Safe Cloud project, I have been working on an HP Labs R&D demonstrator, jointly with HP businesses, to illustrate:

  • Next generation Business Operation Centers in Disaggregated IT scenarios, i.e. where an organisation relies on service providers (SaaS) and infrastructure providers (IaaS) in the Cloud to run their IT operation

  • Information Sharing as a key requirement for the organisation to improve its (security, business, etc.) situational awareness, now that it has not anymore control over their IT operations-  issues and trade-offs involving information sharing, involving the company and the other stakeholders, including SaaS and IaaS providers

  • Next generation war rooms

  • Our vision in the areas of Safe Cloud and controlled information sharing

We focus on a scenario involving a company that increasingly relies on SaaS and IaaS Cloud Providers to run their IT Operations. The demonstrator uses advanced visualisation and back-end processing techniques to show a futuristic, next generation Business Operation Center, supporting a company to monitor/manage their disaggregated IT.

We use the demonstrator to illustrate the need that a company has for information sharing - to enable better situational awareness - now that the company has lost control on its IT Operations. We highlight the tension-points involved in information sharing,  the  trade-offs that are acceptable by the various stakeholders and the consequences of sharing data.

The following picture shows the company’s Business Operation Centre as portrayed by the demosntrator. The demonstrator provides an overview of the various company's SaaS providers along with the dependencies they have on IaaS Cloud providers and the high-level “health” status of their services.

 

 The demonstrator can then be used to illustrate various view points, in terms of available information and what can be shared. For example it is possible to focus on a SaaS  Provider and/or an  IaaS Provider, show the locally available information and which information  can actually be collected, processed and shared with the company - based on agreed policies. The demonstrator highlights some of the implications of sharing data, i.e. via live metrics, highlighting risk points and related alerts. 

In the following picture we show what happens by drilling down  on a Service Provider (e.g. providing Business Intelligence Services/Analytics) and the IaaS provider that runs the services on behalf of  the company:

The demonstrator shows the dependency on the IT infrastructure used the Cloud (left) and  various types of metrics/information that can be exchanged with the company (right - as part of a mutual agreement). This include information on IT performance, security and incident management aspects.

The following screenshot shows a comparative analysis that the company can now carry out against similar information provided by another  of its service provider (e.g. the one that provides Retail Services). This enables benchmarking and better situational awareness.

 

 

A key capability of the demonstrator is to enable the audience to interactively play different roles, such as acting as the company or one of the SaaS providers. A player can  interact with the system and the other players, decide which information to share (for example with other SaaS providers and/or the company) in order to accomplish  common goals (e.g. dealing with an incident or an attack). We believe this creates further awareness about the importance of information sharing, the implications and tension-points in doing it, and the needs for information sharing controls.

In our HP Labs vision, HP could provide these capabilities (dashboards, controlled information sharing, analytics, etc.) as a (Security) Service to its customers, for example in the context of Managed Services and/or Next generation SOCs.

This demonstrator is now available and can be shown to HP customers and business partners. I have been the technical lead of this demonstrator in collaboration with a team of colleagues.

My Contacts:

Marco Casassa Mont

HP Laboratories

Cloud & Security Lab

Long Down Avenue

Stoke Gifford

Bristol, BS34 8QZ, UK       

TEL: +44-117-3162196

marco.casassa-mont@hp.com