Security analysis of cloud computing data center

Source: Internet
Author: User
Keywords Cloud computing security cloud services

At present, cloud computing is highly praised by industry and launched a series of services based on cloud computing platform. But security has been a concern in the already-implemented cloud computing services. Security and privacy issues have become one of the main obstacles to the spread and spread of cloud computing.
  

In an IDC survey of "What do you think the challenges and problems of cloud computing model" is, security is at the top of the 74.6% ratio, and the security issue is the biggest concern for cloud computing. January 21, 2011, ITGI, a research firm, says many companies are controlling investment in cloud computing, given the security of their data. Half of the 834 CEOs of the 21 companies surveyed said they were delaying the deployment of the cloud for security reasons and One-third of users were waiting.
  

Cloud Computing Data Center as the core platform for cloud computing, its security considerations are more important. What are some of the different risk points that cloud computing brings to the usual data centers that require special attention?
  

The special risk point of cloud computing data center
  

Due to the "dynamic cloud" characteristics of cloud computing, the main risk points of cloud computing can be summarized as follows:
  

1. Resource and Data Outsourcing
  

Enterprise resources and data are placed on shared public networks, outside the enterprise boundaries. Cloud computing, the new service model, separates the ownership, management, and use of resources, so users lose direct control of their physical resources and face some security problems in collaboration with cloud services. At the same time, more and more data are stored in the cloud, which means that the more data can be abused. If it is not important data, the company's concern is not so big, if it is confidential data, that is, corporate privacy, the information is stolen, the blow to the enterprise is very large, this is also a lot of companies have not yet dared to try cloud computing reasons.
  

2, cloud computing service provider's reliability
  

Ideally, your cloud provider would never go bankrupt or be bought and swallowed by a larger company. You must be sure that the data will continue to be used after such an event occurs. Ask a possible cloud service provider how to get your data back and whether the data format allows you to import into alternative applications.
  

3. Multi-tenant environment
  

Data is typically in the cloud in a data-sharing environment with other customers. While encryption is effective, it is not a panacea, so find out if your data is isolated during hibernation. Cloud computing platform integrates a number of tenants, how the information resources between the tenants of the security isolation, the service specialization caused by the multi-level subcontracting of security issues.
  

4. Dynamic Trust boundary
  

The trust boundary of the enterprise is dynamic, and the enterprise cannot determine the change of the trust boundary. When using cloud computing, customers may not know exactly where your data is hosted. In fact, you may not even know which country this data resides in, or it may be spread across a changing set of hosts and data centers.
  

5. Lack of transparency
  

The lack of transparency in the security controls and implementations of cloud computing services providers is a lack of transparency in the areas of service level agreements, provider management functions, and security responsibilities for most cloud providers. The vulnerability of cloud computing services software is not transparent to cloud users, which hinders the user's management of the risk associated with the vulnerability.
  

6, the Cloud management standard lacks
  

Cloud computing providers must comply with various it process control and management requirements, both external and internal requirements can be achieved through joint compliance efforts to address all of these requirements, using a more unified and strategic approach that enhances efficiency and compliance while achieving seamless interoperability between different cloud computing. At present, various kinds of cloud computing standards are still scarce, making it very difficult for companies to change cloud service providers.
  

II. Cloud Computing Data Center security Policy
  

Cloud computing security and traditional IT security have a lot in common, their ultimate goal is to protect the integrity of the data, the protection of the objects are computing resources, storage resources and network resources. However, due to the different characteristics of cloud computing, in addition to the traditional it protection technology, the following is for the cloud Computing data Center security response considerations.

Ordinal cloud computing Risk Point Security Policy 1 resource and data outsourcing 1, cloud providers must be required to provide specific information about the hiring and monitoring of privileged administrators, as well as ways to control their access. 2, the cloud service provider to accept external audit and security certification. 3, install patches and upgrades to the browser to reduce the threat of browser vulnerabilities. 2 Cloud computing Service provider Reliability 1, the choice of large brands, the strength of the cloud service providers. 2. Choose the cloud service provider with high availability index. 3, choose to use the General Cloud computing Interface API Cloud service provider. More than 3 tenant environment 1, the cloud service provider should ensure that the storage space where the data resources are released or reassigned to other cloud users before they are completely cleared. 2, the data using predicate encryption or full homomorphic encryption scheme. 4 Dynamic Trust boundaries 1, network connections between virtual servers that need to communicate with each other should be done by VPN. 2, the use of identity joint framework and processes. 5 Lack of transparency 1 requires cloud service providers to provide the required information in the areas of SLA, provider management, and security responsibilities. 2, need to provide the cloud service provider identity authentication and access control to give additional attention and understanding. 3, the cloud service provider in the use of third-party applications, components or WEB services, users should be third-party application providers to do risk assessment. 6 The Cloud management standard lacks 1, the government Organization's information supervision, the privacy protection and so on related system promulgation, will maintain the profession the healthy sustainable development. 2, improve all kinds of common standards and practice of cloud computing, industry promotion.

  

Iii. Summary
  

A secure information system should consider not only environmental security and technical security, but also management security, not only to provide static protection capabilities, including the prevention and reduction of fault, damage, but also the ability to have active defense, can detect attacks in time, and can recover from the damage. For cloud computing Data Center security, through a single means is not enough, the need for a complete system, involving a number of levels, from the law, technology, supervision three levels. Cloud computing security is an absolute problem, but with the development of cloud computing technology, a better understanding of cloud computing, more transparency and better security technology, cloud computing security concerns and sound will gradually disappear.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.