With the idea of cloud computing, countless manufacturers have been rolling out their so-called cloud computing concepts overnight. Gradually the author found that the security field is also a new term "safe cloud computing." I have doubts, the security of cloud computing in the end is what? What guarantees can cloud computing provide for information security? This article will work with users to explore secure cloud computing.
Secure Cloud Computing
Like the concept of cloud computing, cloud computing is the development of distributed processing, parallel processing, and grid computing. In a sense, cloud computing is a natural development of the grid computing model, said Frank Gens, an IDC analyst.
Theoretically, cloud computing's powerful data operations and synchronous scheduling capabilities can greatly enhance the responsiveness of security companies to new threats, while at the same time distributing patches or security policies to branch nodes.
For traditional anti-virus vendors, the introduction of cloud computing can greatly enhance their ability to collect virus samples, reduce the corresponding time of the threat. International well-known security manufacturers trend technology and domestic rising has played a safe cloud computing slogan, which is undoubtedly a great benefit to users.
Of course, not only anti-virus vendors, internationally renowned web security vendors Websense, in the malicious code collection and emergency response to take full advantage of cloud computing features, its global deployment of honeypot and grid computing close integration, can timely response to the network of new attacks, Provides strong support for the timely updating of its rule base.
Moreover, cloud computing in the security field of application technology greatly promote the traditional security industry changes, perhaps in the near future, security manufacturers will also comply with the trend, the real Software + service marketing model.
The challenge of secure cloud computing
It is not difficult to find that the premise of implementing secure cloud computing is to collect users ' security threats quickly and efficiently. Through the implementation of cloud computing data analysis, to respond to the user's security needs. So how to quickly and accurately collect user's exception information, becomes the security cloud computing implementation first difficulty.
The performance of the various vendors in dealing with threat data collection is different. Rising domestic security vendors, through the release of terminal-oriented card 6.0来 for its "cloud security" plan for the full implementation of the prerequisite. However, this will not be the patent of rising, including Microsoft, almost all the security vendors will be the user's terminal equipment use of real-time tracking.
At the same time, to facilitate more accurate and rapid access to information, many well-known manufacturers will set up a dedicated honeypot system to widely collect network attacks. Websense's Honeypot + Grid computing Architecture model, we may think is a simple implementation of cloud computing.
Solves the demand collection, how solves the distributed and the parallel data processing, becomes whether truly realizes the cloud computing the challenge. First of all, the security company is not Google, so there is no way to have the million remember the computer to handle the user's data at the same time;
Secondly, relative to the common application, security companies to the new virus and attack behavior analysis, more based on artificial analysis, how to shorten the response time to become the key;
Finally, how to strengthen the accuracy of automatic analysis is also a problem to be solved by the safety company. We can not forget last year, the national sensational Norton manslaughter incident, it is due to the automatic analysis system of false positives, which caused the loss can not be filled. Industry experts say, "Virus sample automatic collection and processing system will greatly improve anti-virus software virus database sample collection and upgrade speed, but every day from the end users collected suspicious files most likely not virus, if automatic collection system automatically submit features and add the virus library may cause false positives problem. ”
I believe that security companies, in addition to increasing the basic hardware improvements at the same time, will increase with Third-party cloud computing service providers to strengthen cooperation. The third issue that needs to be paid attention to is how security vendors can ensure that the stability and security of cloud computing are resolved.
Cloud computing is a system pool that is highly scalable and manageable and capable of computing infrastructure for end-user application software, according to Forrester's analyst. But if the infrastructure of each cloud is unique, and if the infrastructure is to apply virtualization technology, how to address license licensing becomes a problem to consider when implementing cloud computing.
At the same time how to solve the cloud computing privileged users access rights, data storage and data isolation, will become the security cloud computing has to consider the problem.
Summarize
With the rapid development of the Internet, new threats are always in the layers of no demand. The debate over cloud computing is mixed, but as a security enterprise it must be assured to the user that any one of the architecture's own security needs to be safeguarded, and second, to help users solve security threats and strengthen the system. Regardless of grid computing, wide-area computing, or today's cloud computing, everything is just beginning, which is superior to the bad only time to prove. I do not want to see in the security field to become a trend of fashion, because security is always a rigorous science.