Report looks forward to future cloud data security trend

In the face of the changing network security situation at present, the international famous Virtual data Analysis Center has published several reports on cloud security.

"By monitoring the global Network application environment, researchers have identified a new array of attack methods that are focused on today's increasingly intelligent and increasingly covert distributed denial of service (DDoS) attacks," the report said. In this report, it is pointed out that server-based botnet and encryption layer attacks are two new tools for DDoS attacks on corporate networks, and since September 2012, both new attacks have been used frequently by intruders of U.S. financial institutions. ”

The report's writing team also noted that when security agencies focused their primary energies and attention on the two phases of "pre-attack defense" and "after attack" of security defenses, the attackers switched to the strategy of launching a lengthy attack that lasted several days or weeks. Because defenders often lack effective means and resources to mitigate attacks at this stage of the so-called "attack", they expose a series of weak security blind spots in which attackers exploit the security blind spot of this phase to create a disturbance.

List several cloud security status and possible future problems:

1. Server-based botnet is a new and more harmful way of attacking DDoS attacks.

2. The number of DDoS and Dos attacks that lasted longer than a week doubled in 2012. Difficult to detect encryption layer attacks can not be ignored.

3. In today's security environment, the security defenses of many corporate institutions are clearly inadequate.

4. Attack the "DIY" phenomenon. The proliferation of "DIY" websites specialising in hacking techniques has reached the scale of the commercialization market.

From the analysis of the report and the list of problems we can see that, with the continuous development of cloud technology, its use of the number will increase exponentially. At the same time, because of the existence of network information sharing, hackers can also use cloud technology to launch more changeable and longer cycle attacks. And in the enterprise because of cloud technology is still in the groping stage, through it to improve the operational efficiency of enterprises is still in the initial stage, such a situation so that enterprises can not pay attention to the security of cloud technology, and because the technology itself is still in the development stage, so enterprises and institutions defensive means appear weak and weak.

So this report allows us to make predictions about future data security: because we must keep up with the footsteps of the times, so the introduction and application of cloud technology is necessary, in the face of its security problems, in addition to the continuous development of technology itself to improve, we must also seek a source of data to protect the security means, Ensure that the data can pass through this period of cloud development transition.

So in the interim of cloud technology, we must find a technology that can protect the data source, and this technology is encryption technology.

Encryption is not a new technology. It has been used long ago to protect information security. As early as in ancient times of war, military intelligence and transfer are written on paper and transmitted through people, in order to avoid being intercepted by the enemy and know their own military deployment, the ancient people of the content of information through some form of change into a different content, and the original information content is irrelevant, Only those who know how to decipher the formula can understand the true meaning. This approach to information itself is the archetype of modern cryptography.

Time into the information age, information and information are converted into a set of binary data, and do not need people to pass, but through the network or some mobile it media. And encryption has evolved over time to become an electronic encryption technology for this data. Electronic encryption is through a series of algorithms to encrypt the data processing, so as to achieve the same as the ancient changes in the original content of information effect. With the change of the Times, cryptographic software technology has undergone the period of symmetric algorithm, asymmetric algorithm and the combination of the two irreversible algorithms. Symmetric algorithms are now being applied to cryptographic modes of multiple password classes, while asymmetric algorithms are often used to protect core secrets. The newest irreversible algorithm sets the advantages of asymmetric and symmetric algorithms, and becomes a kind of encryption algorithm for data transmission. The fusion of different algorithms is the key to the development and progress of encryption technology, and in the information age of cloud technology in the transition period of data security, a kind of encryption technology can adapt to a variety of environments into the eyes of people, that is multimode encryption technology;

This flexible encryption technology can solve the cloud computing and applications due to data in different environments caused by the encryption difficult problem, at the same time for the enterprise itself, according to their own needs of the choice of encryption mode, but also let enterprises in the use of cloud computing, the development of different security strategies to provide effective technical support.

The information age into the cloud computing application period has been unable to reverse the fact that the enterprise in the cloud era, must analyze the current information security situation, while using the best data security software, encryption software to protect the security of the core data, so that enterprises in the cloud era continue to move forward steadily!

(Responsible editor: Lu Guang)