Cloud security industry chain drives Cloud security process (1)

Why do you say that? "The water vapor from the kettle is definitely not a cloud," said a guest at the Cloud Security Alliance China Summit Forum. Then the problem of cloud security, it needs the entire information security industry, to reach a consensus on cloud security. Cloud is the inevitable outcome of the development of the Internet and large-scale data centers. In the next 10 years, cloud will become the key technology affecting the whole IT industry, also will have far-reaching impact on the existing information technology architecture, and cloud security becomes an important issue. What is cloud computing? When it comes to cloud security, cloud computing cannot be said. As early as 2000, the concept of grid computing and distributed computing has been put forward in the world, with the development of information industry and market, this concept has been commercialized and has a preliminary framework, thus forming the prototype of cloud computing. Wu Yunkun, vice president of NSFocus, said that cloud computing is not something new, it changes only the way it operates, how users interact and how it is marketed, and it can be said to be a new business model. It is this transformation that allows manufacturers and enterprises in various fields and industries to make their own views on the definition of cloud computing based on the characteristics of the business and the market. Frost & Sullivan Market Research Institute suggests that cloud computing is a flexible, scalable, shared environment in which Third-party vendors use virtualization to provide and distribute computing resources to customers over the Internet, based on an on-demand platform. International Alliance for Cloud Security, after consulting the international industry on a wide range of views and practical experience, pointed out that cloud computing should include the following: on-demand supply, must be closely combined with business needs, according to demand for resources and service flexibility, with business development can flexibly adjust and expand the structure of multi-level leasing, according to different business, different audiences, can provide different resources, different forms of leasing services cloud contains the following feature modules:  infrastructure is the service infrastructure as a services (IaaS), including the basic IT infrastructure, such as the operating system, such as storage  Platform as a service platform as a Service (PaaS), including IaaS and rapid application  software that services software as a service (SaaS), contains all of the applications  shared cloud, private cloud, community, and hybrid cloud deployment below this graph, gives a visual representation of the cloud, Describes the service delivery model for cloud computing and how to deploy the cloud. 498) this.width=498 ' OnMouseWheel = ' javascript:return big (This) ' border=0 alt= ' "src=" http://images.51cto.com/files/ Uploadimg/20100910/1142510.jpg "width=422 height=278>Figure 1 Cloud computing Architecture Cloud Security Industry the far-reaching impact of cloud computing, so that the Green Alliance technology and the security industry pioneers are clearly aware of the challenges facing cloud computing. IDC Market research organization data show that cloud computing services will achieve overall it consumption in 2013 10%, annual income of up to 44.2 billion U.S. dollars, 5 years of annual average growth is 26%, this is the traditional IT industry growth rate of 6 times times. The Frost & Sullivan Market Research Institute, at the end of 2009, conducted a cloud-computing survey of its IT decision makers in 6 markets in Asia-Pacific, 300 large enterprises, and over 500 people. Survey data show that 55.3% of people worry about cloud security issues, especially data security. There is no doubt that the boom in cloud computing has allowed cloud security to rise to the height of industry. Cloud security industry chain, including cloud security environment, cloud security design, cloud security deployment, cloud security delivery, cloud security management, and then to cloud security consulting, this is a closed loop. The IDC report points out that cloud security contains at least two levels, the first is to restrict users to accept cloud computing credit environment problems, this is the basis for the broad application of cloud computing, but also to promote the threshold, and then the application of cloud computing security. And a good credit environment is the technical level of cloud computing security, that is, only the user recognition and use of cloud services, only to talk about the cloud security technology issues. So in the credit environment of cloud computing, on the one hand, it is the cloud provider to establish their own credibility, the construction of a credible cloud, on the other hand, the cloud security service providers, to the Internet resources to establish a security reputation assessment system to combat the cloud attack of the "underground industry chain." In this regard, Google and Stopbadware walked in front, and then the domestic security industry manufacturers also recognize this point, have taken corresponding measures. 2009, NSFocus issued the white Paper on Internet reputation service and provided the credit assessment service. According to the accumulation of years of security research, NSFocus makes threat analysis and credit rating on Internet-related resources, and accumulates the content and behavior records of different resources such as IP address, domain name and URL. At the same time, brings together the threat feedback from authorized customers and third-party partners, security incidents of their own security products and security research team risk warning, and the historical information of the target site integration, to establish a long-term reputation tracking mechanism for the Internet field. It is this accumulation, so that nsfocus in August 2010, formal and stopbadware to achieve strategic cooperation, following the Google, as its data provider. In terms of cloud security technology, cloud security is mainly faced with these challenges: cloud computing abuse, bad use, denial of service attacks unsafe interfaces and API malicious internal attacks shared technology issues data leakage account and service hijacking unknown risk Scenario 1 2 3 Next >> view full text Content Navigation page 1th: what is Cloud 2nd: How to do Cloud Security page 3rd: What is the essence of cloud security The original: Cloud security industry chain to promote cloud security process (1) Return to network security home