Enterprise Architecture Beyond the Perimeter

Linux

Jan Monsch and Harald Wagener, Google Security Team, Google

Abstract: 

An increasingly mobile workforce and the ubiquity of attacks on client platforms limit the effectiveness of the traditional corporate network perimeter-security model. Beyond Corp is a broad effort to re-architect the delivery of Google corporate computing services, removing privileges granted solely on the basis of network address. The Overcast architecture blueprint is key to this, presenting a model of machine identity, authentication, and inventory-aware authorization. We discuss the background of our work, our general approach, challenges encountered, and future directions.

Jan is a tech lead in the security operations team and has been designing and driving enterprise security initiatives within Google. His focus at the moment is machine identity and inventory. Prior to joining Google in 2010, he was senior security analyst at Compass Security AG, a leading Swiss security assessment company.

He has a bachelor’s degree in electrical engineering from the Zurich University of Applied Sciences and a master’s degree with honors in security and forensic computing from the Dublin City University.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

Presentation Video

Presentation Audio