The fifth session of the CSA workshop imagine

Participate in the fifth CSA Cloud Security Alliance Symposium.

People too. So we didn't find a seat. For a very long time. To make up for not having time to sit in the office. One to mend it back. First of all to introduce the credit cloud, in fact Independent:

Letter-use-Cloud 1. Letter-use-cloud

What is the credit cloud. It is trusted to be available, cloud services. Trust is a subset of security that can be used as availability, and cloud computing is elastic and scalable.

2. Letter

Dr. Xu & Mr. Hu. Each of them explained the letter.

Mr. Hu said: The letter is based on two kinds, experience or TCG (trust Computing Group). And vmarketing also says: Faith is a source of reliance on its own credibility. This source is pulled down and all is credible. I personally think that the construction of the trusted computing model is actually divided into two kinds: one is optimistic and credible. Contains the rules that Mr. Hu speaks, the TCG, and also contains the theorem of formulas vmarketing. The other is a pessimistic trust model built on the basis of unbelief. Feel that everything is not credible.

Contains your own programs, rules, and dynamically generated programs. For the first model, people have the highest rule weights. For a different model. The rules are consistent with the rules generated by the machine, even lower than the weight generated.

The first model is a controllable model, while another model is an uncontrolled one. Assuming another model can have intelligence, it will eventually become an unbreakable model.

3. Use

In terms of availability. All the clouds are doing well. In addition to the so-called cloud shock, reliability and other aspects are more normal.

However, the virtual OS cloud, represented by virtual machines and OpenStack, is always inferior to performance on a single machine.

This is a certainty. The virtual layer is long. will be the same with the 360 software, the high performance is consumed on their own.

4. Cloud

The so-called cloud, horizontal scalability is good.

Of course it may not be elastic, because it can only be extended to not shrink. For example, there are already thousands of virtual machines deploying a large number of application cloud platforms. Please reduce the physical machine by 1/3 today.

Resources may also be sufficient. However, CPU overhead is absolutely soaring.

The virtual machines that may be partially collapsed after the contraction, because the resources can not be really evenly distributed, but also because the cloud platform can not really predict the dynamic characteristics of each cloud service.

According to the above points, I give a few characteristics of the credit cloud in my heart:

1. Isolation between apps. App A should not affect app B.

2. Everything is not credible.

Everything is unreliable.

3. When the amount of resources is far exceeding the demand, the average distribution can be achieved.

4. The cost of the cloud's own loss performance is far less than the profit created.

5. The reliability of the system is guaranteed by the heterogeneous node + backup Data + migration capability.

6. Have good expansibility and longer vitality.

Cloud Email Security issues

Email encryption mass, group forwarding. Retrieving and anti-spam in the cloud

In fact, the key point is that the information can be encrypted by both parties to completely view the outside. can also be viewed in full or in part by authorized third parties.

Symmetric keys do not solve this problem, asymmetric keys can not solve.

You should also allow non-user-authorized third parties to view it in some way, such as anti-spam.

Cloud confrontation

Dapan says the data are structured. I quite agree with that view.

There is no structure in the data, and I agree with that point. It may not be scientific to divide the data by today's human views.

is chaotic, or distinct.

Assuming that the data features are optimized and modified, it should be admitted that the data is structured. Assuming abstract data to contain everything, then there should be no structure.

Dapan looks so much bigger. Well, it's better to call Laopan. Just maybe the old word is very unpleasant.

So it's a big match.

Adosa This is an anti-DDoS alliance. Is the hope that the cluster attack can be sniper to the place of initiation.

Using clusters to fight clusters is the solution. First heard of the existence of this Union.

Summarize

This Cloud Security Alliance conference is mostly about security issues for cloud platforms. And I personally pay more attention to the security of the system in the cloud.

Not exactly the same. There have been several defenses against cloud networks and cloud-level security that have not been carefully pondered. It's always no harm to broaden your knowledge.

To broaden your knowledge you can take the time to look at a gb/t27000 security protocol suite and CCM matrix.

Copyright notice: This article Bo Master original articles, blogs, without consent may not be reproduced.

The fifth session of the CSA workshop imagine