While cloud computing's performance in saving resources and improving efficiency has been praised, its innate security problems have become a major obstacle on the way forward, a problem that has aroused the attention of many people.
"Maybe our name ' cloud computing ' is a mistake, because it's easy to feel interesting and safe," he said. But in fact, the network is full of threats and sinister, if we call it "swamp computing" may be more to let people have a correct understanding of it. "At a recent RSA2010 security conference, Ronaldl.rivest, a famous information security expert, said, even jokingly, that there are a few concerns about cloud computing security issues.
Security is a stumbling block.
This concern is justified, because both internal and external clouds face a thorny security issue. For the external cloud, the information system of cloud computing is highly concentrated, the data has the characteristics of no boundary and fluidity, so the security boundary of the network is fuzzy, the security mechanism of traditional security domain is difficult to guarantee the security of cloud computing application. In addition, cloud computing services are based on the internet, And the Internet in the quality of resources services is difficult to ensure that the cloud services can have continuity, reliability and high quality, users also play a question mark in mind. For the internal cloud, although the attack from the outside is greatly reduced, but some important information on the Internet, it is inevitable that there is a hidden danger of internal leaks, security issues are also worth considering.
Now, security issues have become an obstacle to the further development of cloud computing. "Only by tackling the above problems can cloud computing flourish in domestic companies," he said. "China Unicom group National Broadband Engineering Laboratory Deputy chief engineer Tang Xiongyan think."
To solve the safety problem, we need to analyze the problem. Today, cloud computing services are broadly divided into three tiers: IaaS, PAAs, and SaaS, and different levels of security issues: the main problem for IaaS is the reliability of cloud computing data center, physical security, network security, transmission security, system security, etc. in terms of PAAs, data security, Data and computational availability, disaster preparedness and recovery, attack against the application are major issues, and for SaaS users are more concerned with the security of data and applications. Cloud-computing providers can take targeted measures for different security issues.
In cloud computing services, operators provide services primarily on equipment and platforms provided by device operators, so they should be different from other cloud computing providers. China Telecom Guangzhou Institute of Technology experts believe that operators should focus on the system level and implementation of applications to improve the security level of cloud computing services, the need to improve the cloud computing security infrastructure, based on the integration of data encryption, VPN, identity authentication, security storage and other integrated security technology means, Build a depth security system for cloud computing applications.
And to fundamentally ensure the security of cloud computing, institutional level of protection is indispensable. Recently, European leaders have urged a global agreement on data protection to address cloud computing's data security vulnerabilities.
Cloud services Spawn new business opportunities
Cloud providers, while addressing security issues, are also exploiting new models of cloud computing to exploit new business opportunities in the security arena. With the concept of cloud computing rising, the concept of cloud security emerges.
A few days ago, a variety of virus programs are growing exponentially, this anti-virus software some parry weakness. At the same time, the main threat from the Internet is from computer viruses to malicious programs and Trojans, the use of feature library discriminant method is obviously outdated.
The so-called cloud security, is through the network of a large number of clients on the Internet Software behavior anomaly monitoring, access to the Internet Trojan, malicious programs, such as the latest information, push to the server for automatic analysis and processing, and then the virus and Trojan solution distributed to each client. Using cloud security technology, the entire internet is a huge "anti-virus software", the more participants, the more secure each participant, the entire Internet will be more secure.
VMware a technology source said that in addition to the virus, cloud computing also has a typical application-security board, including web security and Spam protection, as well as Web page International Code detection. In addition, the security equipment, security infrastructure, "cloud", cloud security services are also the development direction of cloud security service.
In the cloud security, the industry's mainstream anti-virus manufacturers involved in earlier, Jinshan, Kaspersky, Rising, Jiangmin, McAfee and other proposed the corresponding service plan, Cisco proposed the concept of cloud firewall. However, the Ministry of Communications Research Institute Huang Yuanfei that most security manufacturers in the security cloud applications are still in the technical exploration phase, the degree of product needs to be improved.
Operators have started
China Telecom Guangzhou Research Institute experts believe that the cloud security services for telecommunications operators is an opportunity for telecommunications operators in this regard has the innate resource advantages. "After years of network construction and operation, telecom operators have a full network distribution, a large number of security infrastructure, which provides a resource advantage for the development of cloud security." ”
It is understood that domestic operators have begun to explore the cloud Security Service model. For example, a telecom operator has launched a DDoS attack protection service, distributed on the backbone of a class of "cloud defense platform" to deal with the growing botnet, the business platform is a prototype cloud security.
In addition, the reporter learned from China Unicom, although China Unicom's commercial cloud services have not yet been launched, but in the internal pilot phase has been taken into account cloud services. A person in China Telecom said Cloud security is a new market demand point and China Telecom is also considering providing cloud security services.
However, because the system is decentralized, and the system does not achieve effective scheduling management, information sharing, most security systems utilization is low, so operators provide cloud security is not without hindrance. China Telecom Research Institute experts suggest that to remove these barriers, telecom operators can make full use of cloud computing technology to integrate and optimize the above resources, to build an open and super large-scale "security cloud" resource pool, and comprehensively improve the security services to provide a good service efficiency business. At the same time, operators should be based on their own characteristics, the use of all resources, combined with Huawei, ZTE and other good control costs, the network understanding of the advantages, as well as IBM, HP and other advanced technology, the advantages of efficient programs, the introduction of the characteristics of cloud security services.