Cloud computing seems to have been touted by many companies for the future of the Internet and computers, especially in the recent period when cloud security related to cloud computing has become a favorite term for many security companies. But now even cloud computing standards are arguing, what is cloud security? What is the security of this hidden cloud that can bring enterprise and user to the actual security?
Cloud computing and cloud security
Ask the cloud security and the current enterprise or individual users use anti-virus software, firewalls and other security measures. The answer to this question begins with the characteristics of cloud computing. Cloud computing is seen by its touts as a "revolutionary computing model". In the view of the science and technology wizards, because of the transmission capability of high-speed Internet, people can move data processing from personal computer or server to computer cluster on the Internet. That is to say, people can put a variety of applications on the remote server, like the cloud, you even online in the use of it, usually on the cloud, have a person to help you manage.
For ordinary users, this means that the computer host can be completely discarded from now on, using only the monitor and keyboard to enjoy all the services available on the computer over the Internet, and you can use these services on any device without discrimination, such as using the same software on your phone as your computer. And for the enterprise also means that they can not buy a large number of computer equipment every year, no longer for the subsequent hardware upgrades, software procurement and system maintenance and other troubles, all only need to pay a certain proportion of the annual calculation of the cost of computing services can be.
Although cloud computing has so many temptations, many companies are not planning to follow up immediately, the main reason being security concerns. Because of the use of cloud computing, means that companies have to put their entire data into the cloud computing service provider's computer, the control of the passed so many companies are very worried, especially for enterprise key data, how can you believe that the service providers will not sell the data secretly to their competitors?
The sound of such questioning began as early as 2007 when Google released its apps service. The apps service is a simplified online office office software that allows organizations to easily access Office software services on the Internet and store documents in a network without having to install similar applications. Apps is the embryonic form of cloud computing, but many companies have kept their doubts about whether Google will be secretly searching for an analysis of user-uploaded documents.
However, the cloud-supporting services provider, including IBM, explains the problem, and there is no need to worry about data security in cloud computing, because in the vast computing matrix of cloud computing, all data is scattered. It is almost impossible to get confidential information through a server as before, and it is very difficult to decipher and restore data even if multiple servers are breached.
But this does not completely convince people to rely on cloud computing, after all, now most of the enterprise's Gbagbo are almost entirely stored in the computer, and in case of the information left to outsiders to have problems, then for many enterprises and users is undoubtedly fatal danger. So as long as cloud computing is not completely secure, cloud computing services will be repelled by certain security-demanding customers, the cloud security that many international manufacturers have been talking about.
See the domestic cloud security
But security in the cloud is not the same concept as the recently touted cloud security of antivirus software vendors. Now many anti-virus software manufacturers are talking about the cloud security is the Chinese enterprises to create a concept noun. In foreign and the concept does not have cloud security such a name, so many domestic cloud computing followers believe that cloud safety is a pseudo proposition. However, the concept of cloud security in the proposed still by the security vendors of the unanimous pursuit.
The current concept of cloud security is mainly about the use of large-scale cloud computing to combat the increasingly complex and diverse hacker attacks and virus attacks. Some manufacturers say they capture virus samples through cloud computing, and some manufacturers say they are automating the analysis of virus samples through cloud computing, although the direction of each manufacturer is different, but it is mainly to instill in the user the idea that cloud security software built through its cloud computing center will enable users to gain more security performance.
However, the hardware security vendors obviously love this concept, the implementation of the cloud security is through a more security, hope to be able to through different levels of safety network equipment to carry out different security protection, and so that the protection measures can be linked, and ultimately achieve the goal of defending against security threats. This means that the choice of subordinate cloud security, the enterprise from top to bottom as a whole to join the protection of cloud security nodes. For enterprise users, however, this defensive approach does significantly improve security and reduce client maintenance.
Cloud security, a distributed cluster of fire prevention, is very close to the anti-spam grid proposed by a domestic security expert in 2003, and the expert believes that spam is rampant and cannot be automatically filtered by technology because the AI method relied on is not mature technology. The biggest feature of spam is that it sends the same content to millions of recipients. To this end, a distributed statistical and learning platform can be set up to filter spam with the collaborative computation of large-scale users.
First, the user installs the client, calculates a unique "fingerprint" for each message that receives, by compare to "fingerprint" can count similar copy number of the mail, when the number of copies reaches a certain number, can decide the mail is the spam mail. Second, since more than one computer has more information on the Internet than a single computer, a distributed Bayesian learning algorithm can be used to implement collaborative learning processes on hundreds of client machines, collecting, analyzing and sharing the latest information.
For example, to protect against e-mail-borne viruses, when a part of an e-mail message is transmitted over the network, the first Yunan plenary through the spam detection method, for the first time filtering, such as the black and white list of e-mail technology and keyword combination technology. If this layer misses the message, there will be a second layer of analysis of the content of the message. And when the internal computer is infected with the virus, usually inserted into the system process and through UDP and other ways to connect the server to download more viruses or continue to spread the virus, the security of the monitoring system will play a role. Therefore, it can be seen that the defense of diversity threat requires dynamic multi-level detection capabilities. The advanced feature analysis capability of cloud Security provides users with multi-level threat defense analysis, and also improves the actual security efficiency to a great extent.
Therefore, the cloud security of the Enterprise believes that the concept of cloud security embodies the real idea of cloud computing, each user to join the system is a service object, but also the completion of a distributed statistical function of an information node, as the scale of the system continues to expand, the accuracy of the defense virus will also improve. It is more mature and more practical to use large-scale cluster method to screen virus than other methods, such as active defense.
However, it should be noted that at present, the various manufacturers of cloud computing is not a new technology, in the foreign security technology literature, it is actually accompanied by the distributed storage technology to grow up a security technology. Its main technical feature is the use of the server cluster's powerful processing capabilities, the client's security configuration to streamline, that is, we often call thin client. But the company used to call it a distributed architecture as a security system, and now it's called cloud security. But in the final analysis, the main aim of this technology is to improve the safety measures of each node and every position. In other words, if the former is a one-man battle, then the cloud security is the group combat.
The Battle of cloud security technology
Cloud security in technology requires a strong distributed computing cluster, which is usually called the cloud, coupled with the client, can build an effective intelligent threat collection system, Computing cloud system, service cloud distribution system. Cloud security manufacturers also have a different understanding, because it is a vague security service model, so different cloud security understanding and definition, the resulting security effects will vary greatly.
At present, the domestic security vendors are developing their own standard cloud security, but the deployment of cloud security is very high, which means that once the enterprise adopted a cloud security products, it is likely to use the entire security vendor's overall cloud security solution, As a result, security vendors have a big disagreement over the technical standards of cloud security.
With this part of the security vendors stressed that the need to buy cloud security equipment to protect themselves, the other part of the security companies understand cloud security more is the concept of cloud security, so that enterprises do not have to buy equipment, and directly enjoy the concept of security services. One is bandwidth based services, such as denial of service protection and response based on the ISP of the operator or Internet service provider. For example, China Telecom in the network security to do better than the enterprise, the cost is lower. And he can filter the attack upstream while you're using broadband.
The reason for such a technical dispute, is that the current cloud computing platform manufacturers of their respective technology and understanding are also different. There are many device manufacturers that want businesses to be able to build their own private cloud, and some ISPs want more companies to be able to attach to their own cloud computing centers, through their own cloud computing center to help small and medium-sized enterprises to solve the needs of cloud computing, there are two different cloud security and cloud security dispute.
In addition, some experts also believe that cloud security is too serious hype, many manufacturers have followed the introduction of cloud security solutions, but with the unified threat Management UTM hardware solution is not the second. And UTM is because many manufacturers have hype, leading to the domestic UTM market chaos, and ultimately UTM lost in the domestic reputation and charm, now this will UTM facelift set on cloud security speculation may again will repeat UTM farce.
Other experts believe that cloud security still has five questions: first, a strong, secure cloud security solution, will affect the performance of the enterprise network itself, or even bring additional points of failure? Second, many users want to be able to quickly and accurately detect security threats from the web, But does the user care about the security device's own threat signature list database capacity is large enough? Third, as more and more security threats are embedded in the application, can simple, traditional packet detection be manageable? Four, if the vendor cannot provide the host service of the multi-region distribution database, Is there a risk that there will be no response from the cloud? Five, different vendors to provide cloud security solutions across terminals and gateways, application and update process will appear compatibility risk?
In general, some security companies do borrow cloud security hype suspicion, but can also feel, as the network security more and more complex situation, especially the increasing number of viruses, many manufacturers have begun to seek comprehensive solutions, and hope that with the help of artificial intelligence and cluster computing advantages, To deal with this growing crisis. Therefore, whether it is cloud security or cloud security, what is effective to help enterprises withstand the risk of data processing, it should be a security enterprise really need to consider the core issue.