From the terminal to the cloud security needs to dial "cloud" See Day

Cloud computing is undoubtedly one of the hottest topics in the IT world today. Some people say that the core idea of cloud computing is to manage and dispatch a large number of computing resources with http://www.aliyun.com/zixun/aggregation/18415.html > Network connections, and form a pool of computing resources to provide services to users. The network that provides resources is called "cloud", so "cloud" is just a special "net" name. In the view of users, the cloud is a service, an on-demand, on-demand service, similar to the current use of electricity.

The above statement in the concept of basically reached a consensus, can be in the actual structure and applications, vendors will be their products posted on cloud computing label and the definition is not uniform, so that enterprises and users confused, do not know where to start. One important reason for the wait-and-see attitude towards cloud computing is security.

Some anti-virus software vendors have launched Cloud security services, they rely on cloud computing this huge resource platform to collect, analyze the virus code, and then antivirus for end users. There are also companies that collect virus code everywhere and build their own "cloud security" systems in the cloud. But neither of these are the security issues we call, they are more like the security services provided by the cloud computing platform, and the effectiveness of this service remains to be verified. We are concerned about the security of the cloud itself, or the security of the cloud, and how we can ensure it is safe and secure when we use the cloud.

Many people think that after the cloud computing, the terminal is like a device to send and receive things, then the security requirements for the terminal is reduced? At the recent RSA Conference, the site reporter interviewed RSA (EMC Security Division) chief Security architect Rashmi Knowles, she said, if you are on the virtual desktop, you will only see the images associated with you appear. This data is not stored in the terminal, it is stored in the cloud, in the terminal just need to authenticate, do not need additional encryption. What we need to do at the end is to ensure that the data being used is secure and that data loss management is prevented. If we use sensitive data, we need to ensure that the data is not copied to the USB drive or printed, and we want to protect and control the data.

Figure is RSA (EMC Security Division) Chief Security Architecture officer Rashmi Knowles at the interview site

When you think that storing information through the cloud or doing all sorts of things is the same as doing it locally, it is probably the basic security of the cloud. But how do you trust the cloud? Without unwarranted trust, this trust must be achieved through a series of rules. Rashmi Knowles that to apply the cloud, companies must learn new ways to achieve predictability in risk, threat and compliance performance. The rule of building trust in the cloud is to achieve control and visibility of the infrastructure, identity, and information in the cloud environment.

This control and visibility is achieved through specific security techniques. Data can be encrypted, data is deployed to prevent leaks, user identity can be strongly authenticated and managed, virtualization technology can be deployed to the infrastructure. But these are the traditional technology to ensure local security, and in the cloud computing environment there are many difficulties, such as encryption and decryption difficulties. A complete protective system for cloud security remains to be established. Rashmi Knowles also said that there is no real industry cloud security standard for cloud security, and only the Cloud Security alliance has released a series of standards.

Some time ago, Google and Facebook were persuading U.S. lawmakers to revise the Electronic Communications Privacy Act (ECPA). One reason is that they feel that if users have the data locally, they will have more privacy, which hinders the cloud transition. "Many of the infrastructure like Facebook is based on the cloud," Rashmi Knowles said. If the ECPA act does not change, they cannot benefit from it. Although there is a lot of discussion in this Council now, we still have to wait and see the specific situation. This program is 1986, has not been in line with the trend of the times. But unless we modify it on the basis of technical considerations, our work will be hard to push forward. ”

In the absence of a clear technical model and a weak rule of law, the entire IT community needs to calm down and consider how best to implement the cloud computing model, including its running business model, instead of hype and publicity.

(Responsible editor: Lu Guang)