Cloud security is a prerequisite for large-scale application of cloud computing

Cloud security is important in cloud computing era the third session of the cloud Computing conference May 20 continued to be held in Beijing National Convention Center. In the cloud computing environment under the Information Security Forum, the Guardian General manager assistant and the strategic cooperation Department general manager Zhongbo did "Cloud Environment security Architecture" keynote speech. He said that the advent of the cloud computing era is an unavoidable fact, cloud design to security and application synchronization considerations, planning a sound security architecture, so as to avoid the same mistakes. 498) this.width=498 ' OnMouseWheel = ' javascript:return big (This) ' border= ' 1 "alt=" Guardian General Manager assistant and Strategic cooperation Department general manager Zhongbo "src=" http:// Images.51cto.com/files/uploadimg/20110715/1421250.jpg "/> Guardian General manager assistant and Strategic cooperation Department general manager Zhongbo Zhongbo said Cloud security is cloud computing large-scale application premise, Now cloud security has risen to the level of national security strategy, cloud security is not only a technical problem, we must plan the security system in advance. Zhongbo said that the cloud did not grow as fast as we had imagined. A major reason or security issue. The security situation of the cloud is worrying, cloud technology itself is a parallel distributed network computer, the engineers themselves are network computing, engineers painting the network when the habit of using the cloud to performance, called the habit is called cloud. Because it is based on virtual technology on the Web, and these technologies themselves from the security does not have a fundamental breakthrough whether it is now broadband network or distributed computing model, as well as the virtual machine itself security or as always before the same existence. Putting these together, I think the security risks are not reduced but increased. Users gain high performance in computing storage, low prices and loss of autonomous control over information and data. Zhongbo that the source of cloud computing Security: Application environment and data separation from user-controllable, data and application environment, which is the root cause of cloud computing problem. Who can control cloud computing, who can control the sovereignty of information. The basis of cloud computing is server and storage technology, and China is not the technology and market control in these areas. This is not a simple security issue, but a question of information sovereignty. So cloud security has risen to the national security level. Zhongbo continued, cloud computing is based on the TCP/IP network, the network itself is not secure. Like the IP protocol, the core technologies of cloud computing include virtualization, distributed computing, etc., at the beginning of design and in order to fully consider the security issues, there are congenitally deficient. Program implementation means and levels are different, some of the programs through the C + + program can easily lead to buffer overflow attacks, such as the introduction of security vulnerabilities. As the underlying support of the operating system in memory protection, data isolation, rights management, identity authentication, Trojan virus attacks and other aspects of their own shortcomings, throughThe indefinite way is difficult to cure. Relevant standards, regulations, regulatory system is lacking, there is no complete cloud security system. The design of the cloud should be safe and application-synchronized, planning a sound security architecture to avoid the same mistakes. Hadoop, for example, realizes both the map calculation model and the Distributed File system, which is designed to run on general-purpose hardware and is highly fault tolerant and suitable for deployment on inexpensive machines. Hadoop provides high throughput data access and is ideal for applications on large datasets, which have been validated on cluster systems of thousands of-node JNU units. Through the analysis of the Code, data transmission based on TCP/IP protocol, socket, but in the transmission and stored procedures do not do encryption. There is no strong authentication mechanism between the nodes, it is easy to counterfeit. Since there are so many problems, it is necessary to establish a secure framework. We are more in favor of the model of the cloud Tube end. From the security mechanism, we need to consider several aspects, terminal security, pipeline security and background operation security. The core technology here is cryptography and encryption. From the architecture, first of all, it needs to have a standard, the corresponding system and policy rules and regulations, such as password management standards of the corresponding laws and regulations, the need for security management and security support, involving secret key management, involving the management of certificates. Security support is to do a unified global domain identity authentication, through the cloud Platform security, pipeline security, cloud terminals together to provide security services cloud. From the terminal security, we need to achieve terminal credibility, access authentication, identification, anti-attack, anti-loss, data loss. means have password security chip, security protocol, Security Communication module, password module, security convergence equipment, terminal protection system, Trojan virus system. The safety of pipelines is close to the traditional network security, which needs to ensure data transmission, backstage security, anti-network attack, intrusion protection and identity recognition, and support VIP6. Cloud Platform security objectives to achieve virtualization security, distributed computing security, storage security, inter-node authentication, access control, log audit, scheduling security, development security, application security. Cloud security support to achieve unified user identity management, unified identity authentication and single sign-on, unified authorization management, unified access management. In terms of control, including security management, Key management, certificate management, security operation and maintenance. On this basis, we put forward the cloud computing environment security architecture system, including the system standard policy regulations, such as password management Regulations, evaluation and certification standards, grading protection norms. Just now we mentioned that we want to structure autonomous controllable cloud security computing platform, a large number of existing trusted computing technology can be used to ensure the autonomous control of the cloud platform. On this basis we can do the kernel layer of file filtering, including the operating system itself is not a Trojan virus attack. A security service SaaS, including data security, application security, border security, and storage security, was mentioned earlier. This is the cloud architecture where we provide secure storage services. It uses cipher encryption as the core to realize multidimensionalSecurity, we provide security as a service project, in the Password management security assessment is in line with national requirements, and then our security and application of the integration, covering a variety of use of the scene, the industry chain together to form a complete infrastructure. Cloud security is the foundation of cloud computing, so the security can be safely extended to other businesses. "Editorial Recommendation" operators deploy "cloud security" to get triple benefit cloud computing security? 43% of companies questioned Cloud security company-Panda Security released the latest 2012 product line qin Rob bit "cloud security" market "responsible editor: Liyan TEL: (010) 68476606" Original: Cloud security is the premise of large-scale application of cloud computing back to network security home