Cloud security is an important issue in cloud computing. Cloud security has been highly valued by the industry. But what kind of security service is cloud security? Is it the same thing with cyber security? A blog I sent in June 2008 http://blog.sina.com.cn/s/blog_535dace301009i51.html And a series of follow-up technical discussions: the essence of cloud security problem is computing platform security isolation between applications, usually network security technology, such as network Security encryption transmission protocol SSL, secure login protocol ssh, virus detection, Intrusion detection means that there is no security requirement for isolation between applications on the computing platform. Let me now avoid technical details and try to illustrate cloud security in a specific case of a cloud service.
We all know that our big state-owned banks are dismissive of lending to small businesses. A new policy has recently been introduced to allow private financial practitioners to enter the credit industry specifically to meet the needs of small business loans. Although small enterprises, but is in it applications generally than state-owned enterprises far ahead! As a result, many small businesses prefer to use online banking. And then there is the "first cloud of silver"-the world's first Cloud bank-in our China because of transport and life!
Why "The first Silver Cloud" can be born in our country because of transport? Of course, because the characteristics of the cloud services are very suitable for our China's national conditions, or Yun Ban particularly with Chinese characteristics. "First Cloud silver" as a cloud users must avoid renting stores, building data centers, procurement software, hiring professional hardware and software maintenance personnel, and so on and so on costs! Cloud Silver can not only be very quick to open, but also can be completely unscathed when necessary to exit, can perfectly keep up with the policy changes required by the speed.
The business security of "the first cloud of silver" is no doubt a big deal. As a cloud user, the "first cloud silver" operation Security is inseparable from the cloud security. The first security requirement of "first cloud silver" is probably to prove that all deposit, the authenticity of the loan Account: "First Cloud silver" must give a digital signature to the depositor for each deposit made by the depositor, and for each loan, the lender must give a digital signature to the "First cloud of silver".
These digital signatures are essential not only to avoid all conceivable forms of financial fraud, but also to finance audit needs. Because of the natural dependency of the Cloud Service on SaaS (on-demand software), digital-signed software of course runs on the cloud. Therefore, the digital signature private key to be used by the deposit, credit, and "first cloud" itself must also exist on the cloud to be used for the signature software.
Now we can see clearly that each of these private keys must be strictly segregated into a computed region (memory) on the cloud, which is controlled only by the owner of the private key. For example, "first cloud silver" must not be able to obtain the private key of any credit, and any one must not get the "first cloud silver" private key, Lianyun service provider (whether or not Amazon) must also be isolated in the "first cloud silver" of all computing environment. None of the previously listed network security technologies can meet this cloud security requirement.
Perhaps this reader to raise his hand: "For cloud silver users, they deposit, loan amount of privacy is also very important, it should use network security mechanism to protect." "Absolutely agreed!" Add two comments as the end of this article: first: Cloud Silver users are not cloud users (in this case the only cloud user is "first Cloud silver"), no wonder their security needs can be satisfied with the network security method. Second: A specific example of the aftermath of this financial tsunami that might make a bad thing happen is that people have begun to seriously consider the question of the privacy of banks ' clients and the livelihood security of the masses.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.