Analysis of the security and energy consumption of cloud computing and its development trend

Source: Internet
Author: User
Keywords Cloud computing security
Tags access analysis application application layer applications backup based cloud

Introduction

With high-speed network development, growing network demand through large-scale data center processing, thousands of servers and network system storage, many internet companies such as Google, Amazon, Yahoo and other operators around the world such a large data processing center, this network service is called Cloud computing services. From the service model of cloud computing, one of the problems of security is data privacy security, the data is outsourced to the cloud service providers how to ensure data privacy and security, the second is the credibility of services, how to determine the cloud service provider feedback services are credible, the loss of physical control of data and data location is not determined how safe, that is, the risk of Cloud computing is also a highly scalable and cost-effective infrastructure for running HPC, enterprise, and WEB applications. However, the growing demand for cloud infrastructure has dramatically increased the energy consumption of data centers, which has become a key issue. High energy consumption not only means higher operating costs, thus reducing the profitability of cloud suppliers, but also leads to high carbon emissions, which is not environmentally friendly.

This article will start from the cloud computing system architecture, discuss the future development trend of cloud computing, in-depth analysis of cloud computing currently faces two hot issues: first, security, the second is how to achieve efficient energy-saving, green, environmental protection, Low-carbon cloud computing.

1, Cloud computing system architecture

The system architecture of cloud computing can be divided into five levels: physical layer, core layer, resource architecture layer, development platform layer and application layer.

(1) Physical layer: The lowest level of cloud computing infrastructure, providing hardware support for cloud computing systems, including network resources, computing resources and storage resources.

(2) Core layer: the implementation of unified management of physical resources, the specific application of abstraction, through the operating system kernel, middleware or virtual machine monitor, etc. to provide the upper level of the application environment.

(3) Resource Architecture layer: A Resource server architecture system based on core layer, which provides efficient and flexible distributed computing service, large capacity distributed storage service and secure and reliable distributed communication service.

(4) Development platform layer: Through the development platform provides the API, provides the cloud computing programming environment for the concrete application, accelerates the application service deployment, and supports the extensible.

(5) Application layer: User-oriented application program, the development Platform layer provides development environment, application developers are responsible for the development and operation of the program, provide quality of service assurance.

The service models for cloud computing systems include the following three types: infrastructure as services (infrastructure as a service,iaas), software as services (software as a service, SaaS), platform as services (platform as a Service,paas). Infrastructure is a service that provides users with the ability to use the cloud's basic computing resources to deploy or run free software or operating systems, such as Amazon's simple data management services and storage services, and flexible computing clouds. Software as a service, cloud infrastructure based on cloud service providers provides users with specific application capabilities, such as Google Apps and SalesForce customer relationship management applications. Platform is a service that provides users with the ability to create and customize services in the cloud, such as Microsoft Azure and Google's Google App Engine.

2, the development trend of cloud computing

2.1 Security for Cloud computing

Cloud Computing, a novel computing model based on concepts such as grid computing, efficiency calculations, and on-demand computing, contains five key features, based on NIST's definition of cloud computing: Self-Service on-demand services, high-bandwidth networks, virtual resource pools, high-speed resilient architectures, and measurable services. Cloud computing has the characteristics of virtualization, scalability, reliability, economy, dynamic configuration and large scale, and it is scalable in computing mode, and it also makes resource sharing, management more professional and consistent, and reduces the cost of resource sharing. But cloud computing has some security problems, especially the security of cloud storage for data files.

The cloud is not only a large capacity storage device, but a complex system composed of hardware system, network equipment and software system, and the security of cloud storage data has been the focus of the industry. According to Gartner's Security risk assessment report on cloud computing, there are 6 major security risks in cloud computing services, which also reflect the security needs of users.

(1) Location where data is stored: in cloud services, users are not aware of the physical location of private data files stored in the system, which requires the cloud service provider to promise that the user must have the right to inquire about the specific storage location of the data, and that the right must be protected by law.

(2) Access to privileged users: cloud computing service provider's operations personnel in the processing of sensitive data will increase the risk of data leakage, which requires the cloud service provider to provide complete administrator and access control rights such as specific information, even the privileged administrator of the operation log.

(3) Data recovery: The user to the data file in the data center, the local general will not save a copy, which requires the cloud services provider must be a redundant data files, in the event of an exception to timely data recovery, reduce the risk of user data loss.

(4) Data isolation: The data files of all users in cloud computing service system are centralized in the service provider's huge storage resource pool, namely data center, data isolation has certain risk to the user's data security, which requires the cloud service provider to provide data quarantine storage service.

(5) Long-term data stability: Users often need data to be stored in the data center for a long time, which requires cloud computing service providers to provide long-term, stable service, while the cloud services provider's internal data migration can not affect the integrity of user data files.

(6) The nature of censorship: Because the user data has many uncontrollable factors in the cloud storage system, this requires the cloud service provider to accept the security review and authentication of the third party's credible organization, and should conform to the relevant national and regional laws and regulations, and should support the development of some specific investigative authority to the user. The user has the ability to obtain evidence of improper behavior.

With cloud computing's growing business needs, cloud-related security incidents are increasingly exposed, such as phishing networks, botnets, data loss, and encryption flaws. In 2008, for example, Amazon's S3 cloud service failed at one point, causing services to be disrupted, estimated to be about 31,000 dollars lost per minute in the event. Now more and more enterprises use public cloud and mixed cloud deployment, at the same time, more and more sensitive data are stored in the environment of cloud service vendors, companies are actively seeking better ways to protect their data in the cloud, the most widespread approach is to ensure data security by means of data encryption, The data for both the transport state and the storage state is encrypted. Amazon's simple Storage Service (S3) is one of the most famous cloud storage services at the moment, it can consolidate Ama-zon other cloud features and products, provide a variety of flexible encryption capabilities, and users can use the client encryption tools provided by Amazon to create and manage their own keys, This means that data encryption is done before the data is sent. Amazon's recently launched CLOUDHSM Service also uses a hardware-based cryptographic key storage device. Other cloud storage vendors adhere to the same encryption standards, such as Rackspace in its cloud backup products provide server-side 256-bit encryption capabilities, Dropbox and SpiderOak also provide 256-bit AES encryption, SpiderOak use the client encryption method. Verizon Terremark provides automated encryption for backup and redundancy services, providing a variety of managed and encrypted encryption capabilities for managed platforms and data, providing customer-managed cryptographic products in its Clouldswitch hybrid cloud. Savvis uses safenet in its cloud storage encryption capabilities to expose key management and API integration to customers.

In order to promote the development of cloud computing security, many companies in the industry jointly established the CSA in December 2008 (Cloud Security Alliance, Cloud Safety Alliance), the organization is a non-profit organization, the goal is to promote cloud computing application security, and to provide users with cloud computing security guidelines. At present, more and more it enterprises, security companies and telecom operators to join the organization, such as Google, Cisco, Hewlett-Packard, ATT and so on. In addition, the European Network Information Security Agency (ENSIA) and CSA jointly launched the CAM (Common Assurance Metric beyond) project, which aims to develop an objective and measurable test standard, For customers to evaluate and compare the level of safe operation of cloud computing service providers, and promote many cloud service providers (such as Amazon, IBM, Microsoft) and so on to put forward and deploy the corresponding cloud computing security solutions, mainly using identity authentication, security review, data encryption, System redundancy backup technology and management means to improve the stability of cloud computing services, service continuity and data security. Telecom operators such as Verizon has also launched cloud security-related services, especially in the IT antivirus industry, many companies have launched the corresponding cloud computing services security solutions, such as rising, trends, Kaspersky, MCAFEE, SYMANTEC, Jiangmin technology, PANDA, Jinshan and so on.

2.2 Development trend of green environmental protection

The increasing demand of cloud computing system infrastructure has greatly increased the energy consumption of the data center, which leads to the problem of high-energy consumption and high carbon emission, this paper analyzes a green, energy-saving and environmental-friendly cloud computing approach from the angle of energy consumption from the whole industrial chain. Currently, a typical data center requires 1000 10 MW of power operating systems, which leads to higher operating costs. Therefore, for a data center, energy cost is an important part of its operation and upfront cost. In addition, in April 2007, according to Gartner, the information and communication technology (ICT) industry generated about 2% of total global carbon dioxide emissions, a figure that was flat with the airline industry. According to reports from the European Union, the annual carbon emissions need to be reduced by 15%-30%,2020 years to keep global temperature rise below 20C. Therefore, energy consumption and cloud infrastructure carbon emissions have become a key environmental problem. Figure 2 is a high energy usage for cloud computing.

Research shows that cloud computing can actually make traditional data centers more energy efficient and efficient use of technology, such as the virtualization of resources and workload integration. The traditional data center running Web applications often provisioning to handle sporadic peak loads, which leads to low resource utilization and energy wastage. For cloud data centers, on the other hand, you can reduce energy consumption through server consolidation, so that different workloads can share the same physical host, shutting down the rest of the virtual machines and unused servers. Accture A recent study has shown that mobile commerce uses clouds to reduce carbon emissions. According to the report, small businesses have reduced their carbon footprint by as much as 90% by using cloud resources. By using cloud applications, large enterprises can save at least 30% to 60% of their carbon footprint, and medium-sized businesses can save 60-90%.

How does this Low-carbon green cloud work? As shown in Figure 3, in the green cloud architecture, users submit their cloud services through a new request, and green brokerage services include green services, prices, and time to estimate the minimum carbon footprint. Green Brokers get the current use of energy parameters from a variety of cloud services from carbon emissions. These data may include services for PUE and cooling efficiency in cloud data centers, network costs and carbon emission rates for electricity. Green Brokerage Services in all cloud service providers choose, who can provide the requested cloud computing services, and then, it will choose a service, this service is the least carbon emissions of services.

The green Cloud framework, which can track user service requests, relies on two major components, namely, a carbon emission list and a green cloud quote. From the cloud vendor side, by tracking the energy efficiency of each cloud provider, it also inspires cloud service providers to push their "green" services. From the user side, the green economy plays a vital role in monitoring and selecting cloud services based on user QOS requirements to ensure minimum carbon emissions for user services. In general, users can use the cloud to access any of these three types of services (SaaS, PAAs, and IaaS), so the process of serving them should also be efficient and energy saving. In other words, every cloud needs "green" consciousness from the cloud supply side.

In short, cloud computing uses more carbon efficiency to look at problems simply by improving the efficiency of the device, not all of it, and more importantly, from the point of view of both the user and the vendor. Cloud service providers need to reduce demand for electricity, use renewables, and not just look for cost minimization.

3. Conclusion

This article introduces the basic architecture and service types of cloud computing, summarizes the security challenges that cloud computing faces, that is, the protection strategy, and the reliable protection strategy is the future development direction of cloud computing security field. Then introduced the concept of Low-carbon, green cloud computing, cloud computing has a high efficiency, centralized management advantages, with the realization of low energy consumption, environmental protection congenital advantages.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.