Cloud computing and national security

"Cloud computing" in the subversion of the original Internet application mode, while also brought new challenges to national security, if we can not actively take measures to build its own "cloud computing" facilities, then we are not afraid of a convenient "cloud" services, but a national security is seriously threatened by the era of black cloud.

Threats to national information security

As the carrier of information, the network has become the fourth dimensional space after the territory, the territorial sea and the airspace, and has a direct restricting effect on the real space, and its strategic status is no less than the territory, territorial sea and airspace. This is because, in addition to the national political, economic and other aspects closely related to the more direct integration of ordinary people's daily life, the people's psychological and will have a significant impact.

At present, most of the Internet infrastructure is in the hands of the United States, from the root server domain name to such as Google, Microsoft and other companies to provide a variety of network and personal applications. While the Internet is expected to become a "global public product", during the 1991 Gulf War, the United States blocked all sites in Iraq's national domain and activated all the viruses preinstalled in Iraqi army printers. Not long ago, Microsoft voluntarily cut off Cuba, 5 countries, including North Korea, Syria, Iran and Sudan, have made it impossible for users in 5 countries to log on to MSN, and Google has banned Sudanese internet users from downloading Google Instant messaging (IM) and map services, while Internet service providers such as Yahoo and AOL are likely to take similar measures against those countries. ...... It is on pins and needles to associate these Internet monopoly facilities with security risks. If the future national data are highly concentrated in the international company's "Cloud Computing" center, then the national information there is a "go to the state" risk, a large number of information aggregation if the ulterior motives of the analysis, excavation, national information security will be severely tested.

The threat of cyber warfare

In the future war, the right to make information is the winning right, so the network power has become another important contention after the system of sea power, air control and the right to make heaven. "Cloud computing" stripped its gorgeous appearance, in essence is the Internet's central nervous system. Therefore, its development, not only is the business behavior, is not only one kind of information technology application Mode renewal, also is involves the Internet central nervous system control and the contest.

There is no doubt that multinational companies in the "cloud computing" area of the aggressive and governments of the "cloud computing" development of far-reaching planning for China's political, economic, scientific and technological and national security have formed a serious challenge. If we do not have the "cloud computing" power, the vast majority of businesses and individuals will have no choice but to store and process data in the "Cloud Computing" center as described above in order to meet their application needs. At the same time, the development of national and military information construction will become more and more subject to the information standards and rules developed by the international IT giants.

Although there are many operating and using risks such as isolation failure risk, compliance risk, management interface damage risk, incomplete data deletion risk, internal threat risk and so on, these are only general risk, not main risk. In fact, the most important and core risk of cloud computing is: National security risk and enterprise economic information out of control risk.

As far as national security risks are concerned, the former Columbia news channel president has made clear in his report that "as the world changes, the future of the United States needs to be repositioned, but cloud computing is an important area in which the United States can reaffirm its position as a global economic and technological leader." ”

It should be said that the "cloud computing" proposed and rapid development, just for the United States to provide a new opportunity. Once global information flows, storage and processing are carried out through the "cloud" built by the US it giants, the United States has a firm grip on the absolute right to global information.

In fact, in order to gain information hegemony, the United States attaches great importance to the construction of national strategic assets. Not only focus on the domain name root server to the code access resources and other Internet infrastructure in their hands, but also started in the military field deployment of "cloud computing" plan. At the same time, their other hand is to vigorously support their commercial companies in the global Dajian Cloud resource pool and cloud computing center, to preempt the social cloud computing infrastructure strategic resources.

More seriously, IBM began building a cloud computing network for the U.S. Air Force that would protect defense and military data. IBM announced that it has signed a contract with the United States Air Force to design and build a cloud computing environment for its 9 command centers, 100 military bases, and the USAF network used by the 700,000 troops scattered around the world.

To this end, IBM researchers, software engineers and cyber security experts will work with military personnel and government agencies, and will use the confluence analysis to build a technology that allows the Air Force to continue to monitor and analyze all network data to look for any threat or fault signs. In support of the implementation and implementation of the plan, the United States House of Representatives passed the "Network security Research and development law" before long.

The threat of economic information security

In terms of economic information security, the development of cloud computing, enterprises and industries, a large number of economic information, competitive information will enter the resource pool of information operators, its "Haihan" large data centers and strong servers, but also as software development information "dispatcher" and process "monitor."

So, we have to ask: who is the subject of these economic information? The important economic information security of Chinese enterprises, who will guarantee after clouds? How to guarantee?

Under the background of global economic integration, enterprises can only grasp competitive intelligence and protect their trade secrets in order to be in the active position in the fierce market competition. In particular, innovative intangible assets and competitive business information are the core business secrets of businesses and businesses. Therefore, we must be highly vigilant and effective to prevent: information resources gathering process of unintentional loss and intentional theft. It should be recognized that this intangible asset, after being controlled by foreign capital and the combination of tangible assets, will take full control of China's economic lifeline. Boeing, known as the world's Big Mac, has set up an "anti-competitive intelligence mechanism". From the acquisition of "strategic signals" to explore ways to crack the competition of the other means. Business giant Wal-Mart's basic experience in its informatization is to find the most trustworthy and low-cost system.

In a cloud resource pool, ensure that its customers ' confidential/sensitive data is not mixed with, or acquired by, other customer data in the course of use, storage, or transmission, without any compensation control. Its cloud data backup and cloud recovery plans must be put in place to prevent data loss and accidental damage.

Therefore, the theoretical research and standard research and development of cloud computing should be started as soon as possible. As soon as possible, the classification specification of clouds information is planned, the construction standard of cloud computing service platform is set up as soon as possible, the acceptance code of Operation service software is prevented, and the information security management standard of clouds enterprise should be established as soon as possible to ensure the healthy and orderly development of cloud computing.

In addition, cloud service providers must circumvent the risk of malicious users abusing cloud services. To avoid the above risks, cloud service providers must have a comprehensive security reinforcement of the cloud system, not only in the cloud deployment of targeted security products, but also from the system level, the establishment of a sound key management, authority management, cloud security certification monitoring services, such as multidimensional security mechanisms to ensure the safe and smooth operation of the cloud services.