Cloud computing Globalization in the wave of development, cloud computing from the original concept of the various applications to the landing, its advantages gradually revealed. The world's leading companies are also starting to chase the pace of cloud computing. In this situation, the domestic "cloud" footprint is not to be outdone, all over the cloud data center has been planning and construction. And the important challenge that restricts the popularization of "cloud computing" is still the security issue.
Virtualization security is the key
Cloud security technologies are mostly focused on virtualization security, and there are few security technologies involved in cloud applications.
For information security enterprises, cloud computing has brought both opportunities and challenges. Ningjia, a member of the National Informatization Advisory Committee, said that the information security in the cloud era is no different from the traditional information security, but cloud security is still critical and will affect the experience of cloud computing.
and information security enterprises, is keen to seize market trends, have in their own product line in the cloud Security strategy layout. De Weiheng, Director of Product division of the Net Nebula, has identified the position of cloud security products in the company's future development.
According to the reporter understands, in the recent United States held the information Security Congress, the net nebula displays the cloud computing security product "Imperial Cloud", this product has obtained two national patents in the domestic, undertook the National Electronic Development Fund plan, and successfully applies in the Shandong Cloud Computing Center, the Shandong Super Calculate center, is the domestic first release cloud security product.
At present our country's cloud computing application is still in the initial stage, the focus is the data center construction, the virtualization technology aspect, therefore, our country's cloud security technology mostly concentrates in the virtualization security aspect, to the cloud application security technology involves not many. From the "Royal Cloud" products of the Net nebula, it can be seen that the security of the cloud is mainly focused on the security of the data center.
According to De Weiheng, many application systems need to be deployed in virtualized data center environments, and security protection and access control between virtual machines and application systems poses new security threats and challenges. Because traditional hardware security devices can only be deployed on physical boundaries, fine-grained access control is not available for communication between virtual machines on the same physical computer. How to enhance the visibility and controllability of virtual machine flow in virtual environment and provide network security protection in virtual environment is the focus of security product design at present.
Traditional problems remain
The bottleneck of domestic industry development mainly concentrates on hardware and OS safe operating system. As Ningjia said, the problem of cloud security is actually a traditional information security problem.
"At the core of information security technology, the gap between domestic and foreign manufacturers is very large." "De Weiheng told the China Electronic News reporter," The bottleneck of domestic industry development mainly concentrates on the hardware and OS safe operating system. First of all, many domestic security products are mainly Third-party suppliers to provide the standard hardware, and foreign security vendors have their own hardware design strength. Second, the hardware-specific OS security operating system development has a certain degree of difficulty, and foreign security vendors mostly overcome this difficulty. Third, the compatibility issue, foreign manufacturers because most of them are based on their own design hardware development OS security operating system, such compatibility has a certain protection, but also the development and local product Linkage API interface, network adaptability is strong. ”
This gap, so that domestic enterprises and foreign countries, the pace of the market slowly several beat. It is understood that the various applications of cloud computing abroad, cloud security focus on all types of applications, while the domestic still in the large-scale construction of cloud computing data center, the stage of the Super Center, the focus of attention is the security of virtualization technology. NSFocus Vice President Wu Yunkun pointed out that the domestic security enterprises need to grasp this difference, according to different demand market to launch targeted security products, in order to win more user market attention. The technical strength is the domestic enterprise still lacks the key point, "the enterprise also should enhance own technical strength, the solid completes the technical research." "He thought.
Industry Alliance is also one of the ways to enhance the strength of enterprises. Wu Yunkun that the domestic security enterprises are relatively small scale, a company can not develop all the safety products, the need for alliances, authorization, cooperation, mergers and acquisitions and other ways to improve the product chain. De Weiheng points out that security products need to be attached to the cloud computing industry chain and need to be aligned with cloud computing companies. In the last year, the network Royal Nebula and systems integration Company Cloud technology in the field of cloud computing security close cooperation reached a strategic agreement, and actively seek "cloud computing + security" industry cooperation.
Enterprise View
Shi Xiaohong 360 Vice president of Qihoo
"Cloud security has changed the pattern of security in China's Internet network, the Internet security is suitable for the cloud killing mode." ”
In the Internet age, the security environment that the Netizen faces has changed greatly, the traditional anti-virus mode has not been following this change, must choose the new mode and technology to manage desktop security.
Traditional antivirus mode has two fatal weaknesses. First, it uses a "blacklist" approach. With the increasing number of new viruses that break out every day, the larger the virus library, the more users will consume hard disk storage and memory resources, and the computer becomes overwhelmed, and users often feel that the system is slowing down and not having enough memory. Another fatal weakness is the anti-virus software update speed far behind the virus Trojan change speed. In addition, in the new Internet environment, in addition to killing viruses, it is more important to actively protect. The traditional model is obviously not competent for such a large amount of anti-virus needs, nor is it competent to advance defense needs.
Since 2007, the concept of cloud computing has sprung up around the world, while the "cloud killing" technology has been able to adapt to this paradigm shift. The basic idea of "cloud killing" is to collect suspicious program or webpage file samples from mass terminals, set up two databases in the cloud, then the user's files through the network real-time query, in the cloud and Black-and-white list, the analysis of the results of the software for the exception to delete or isolate, the analysis results for the normal software to pass.