Security evolution: From "cloud computing" to "cloud security"

The term "cloud computing" is changing into an oversized basket, where SOA, virtualization, SaaS, Web services, and grids can be installed. For computing itself, the cloud model makes the network an interface, a standard AC socket, which is the driving force behind a new round of technological innovation.

Cloud computing (Cloud Computing) is becoming a technical jargon or even a code word. Not only are big companies such as Google, IBM Microsoft and Yahoo, the cloud fans, but smaller companies are moving closer. CRM software online service provider Salesforce.com began to call itself the cloud computing application, which was previously positioned as the SaaS (software as a service) model of "replacing traditional software delivery"; Facebook simply claims to be a cloud-computing platform where developers can develop applications on the platform and distribute them on the platform.

"Really, we don't create storage, database, computer, or database functions, but provide a more economical way to process data." "said Andy Jessi, senior vice president of Amazon Network services. Founded in 2006, his department is a pioneer in cloud computing infrastructure service providers, and the New York Times uses the "Flexible Computing Cloud" (Elastic Compute Cloud) service to provide the newspaper version from 1851 to 1922 on the Internet.

In short, cloud computing means that computing resources are acquired, processed, stored, delivered, and databases are from four of the company's own walls, and users simply pay for the portion of the resources they use. In the past few years, this computing pattern has also been called grid (NET) or utility computing (Utility Computing)-access it when it is needed, like using a power network or running water, and paying only for the part that is used. At the same time, its application marginal successfully expands to the domain of SOA, virtualization, SaaS, Network Service and so on.

The Almighty cloud?

Just as the MP3 player kills CDs, cloud computing will inevitably break the old computing model and trigger an "omnipotent" fervent fantasy: with high-speed Internet access, near-limitless storage space, and the ability to assemble, what else can't do?

Within a day of June 24, IBM also set up two cloud computing centers in Johannesburg, China and South Africa. At the end of the year, IBM plans to build at least 10 cloud computing centers around the world. IBM has dubbed its own idea "blue Cloud", with at least 200 researchers focused on cloud computing.

"As time goes by, some old things appear in new faces." Nickolas Donofrio, IBM Global Innovation and Technology executive vice president, lamented. In recent years, IBM has done a lot in the efficient operation of data centers, such as Grid computing, which centralizes desktops and other devices, and users extend computing across many machines and make programming simpler. With the network bandwidth and virtualization technology far beyond the current year, the grid technology has been carried forward with the help of cloud computing. "In a sense, cloud computing is a natural development of grid computing models," he said. "What's different, says Frank Gens, an IDC analyst, is that Google's programming model and its true openness--ordinary people can also write apps, without having to be PhD at Stanford or Carnegie Mellon University. ”

A vivid example of the charm of cloud computing comes from Animoto, a company founded in New York, which is only 18 months old, allowing customers to upload their pictures and music and provide automatic generation of customized web-based video display services that people can share with their friends, This service is used by about 5,000 visitors a day.

In mid-April this year, Facebook users ' interest in the app came to a small climax, with about 750,000 people registering on Animoto in three days. At peak hours, about 25,000 people use Animoto services every hour.

To fill the server's demand gap, the company needs to expand its server capacity 100 times times on its existing base. But the founders did not have the money to scale server expansion, or to manage the servers with technical capabilities and interest.

So they started working with rightscale-, a cloud computing service provider based in Santa Barbara, California, which designed apps for Amazon's cloud computing. With this collaboration, Animoto only needs to pay for a three-day surge in traffic and does not need to buy or configure any new servers. It takes the load to Amazon, a server that costs about 10 cents an hour, and includes some marginal cost of bandwidth, storage, and related services. When server demand drops, Animoto automatically lowers their server usage and lowers their bills.

The combination of rapid response capabilities and new sales and marketing channels like Facebook causes software companies to have a strong interest in cloud computing. This is even true for companies that are not in the software industry-traditional companies are also changing their computer architecture to use cloud computing.

"In fact, cloud computing plays a role in technology as the power network does for power applications," Nick Carr, the former executive editor of Harvard Business Review, compared cloud computing and power Networks in his new book, The Big Switch. The power network has improved the company's operations, and when every home has cheap energy and access, "there is incredible creativity to take advantage of these cheap energy," Carr said. He thinks cloud computing will also lead to a similar cycle in the next 10 years with power networks.

Safe in the Cloud

In theory, cloud computing's powerful data operations and synchronous scheduling capabilities can greatly enhance the responsiveness of security companies to new threats, while at the same time distributing patches or security policies to branch nodes.

Oscar, global vice president of Trend Technology and executive director of Greater China, said the trend has been to focus on cloud computing models as early as three years ago, exploring how to put the increasingly large database of clients on the cloud.

For traditional anti-virus vendors, the introduction of cloud computing can greatly enhance their ability to collect virus samples, reduce the threat response time. Trend technology, rising has played a "security cloud" calculation slogan, network security vendors Websense in the malicious code collection and emergency response has taken full advantage of the characteristics of cloud computing, its global deployment of honeypot and grid computing close combination, you can in time to respond to the network constantly emerging new attacks, Provides strong support for the timely updating of its rule base.

The premise of implementing secure cloud computing is to collect users ' security threats quickly and efficiently. Through the implementation of cloud computing data analysis, to respond to user security requirements. So how to quickly and accurately collect user's exception information, becomes the security cloud computing implementation first difficulty.

Trend technology uses a global network of threat information to intercept web threats before they reach the network or computer. Almost all security vendors, including Microsoft, have been tracking the use of terminal equipment in real time.

At the same time, in order to facilitate more accurate and rapid access to information, Symantec, Trends and other manufacturers set up a dedicated "honeypot system" to widely collect the attacks in the network, "Honeypot + Grid Computing" architecture is considered a simple implementation of cloud computing.

Cloud computing is a system pool that is highly scalable and manageable and capable of computing infrastructure for end-user application software, according to Forrester's analyst. But if the infrastructure of each cloud is unique, and if the infrastructure is to apply virtualization technology, how to address license licensing becomes a problem to consider when implementing cloud computing. At the same time, it is necessary to solve the real problems such as access rights, data storage and data isolation of cloud computing privileged users.

Market research firm Gartner says security software will shift from PC endpoints to cloud computing. Over the next five years, the proportion of malicious software and spam detection revenue in cloud-based e-mail and instant messaging will increase from 20% to 60% of the total message security revenue.

Security company Symantec has also predicted the shift, with home users and corporate users moving from installing security software on a single computer to accessing security services online via a remote computer. Symantec says companies are already using proxy security servers to reduce the impact of security software on performance.

Cloud based proxy computers can provide security services that were previously performed locally, such as mandatory identification, data loss, intrusion detection, network access control, and security vulnerability management.

Gartner analyst Kelly Kavanagh says the ability to deliver large, scalable processing, storage, and bandwidth in cloud computing will require new ways and new service providers to provide security control and functionality to users.

Cloud worries

However, some practical problems may still turn the cloud into rain.

Carr also paints a less bright side of cloud computing in the big shift. He thinks calculators are both liberating and controlled technology. Especially when the system becomes more centralized, the personal data is exposed more and more, when the data mining software becomes more and more professional, the control hand will prevail, and the system will become the perfect machine for monitoring and manipulating human beings.

Google's privacy policy stipulates that it will share data with the government if it has to provide relevant data to meet "any applicable laws, regulations, legal procedures, or enforcement government requirements" if the company "kindly justifies". Scott Petry, Google's product management director, said: "When we treat our customers ' data, we have more audit and regulatory efforts than many customers themselves." But if we receive a subpoena, we will act according to the law. He added that in some cases subpoenas could be "confidential", that is to say, Google could follow the law without informing users of their data to be provided to the Government.

"The limitations of using cloud computing are a sensitive issue that companies have to take seriously, and companies must measure the risks that cloud computing will have when and where it works," says David Cearley, vice president and analyst at Gartner Consulting. "By reducing the control of some data to save economic costs, it means that it is possible to store sensitive business data, such as corporate information and customer information, in the hands of cloud service providers, and it is important for information managers to choose whether such transactions are worth making."

The recent series of significant network failures has raised real concerns about the reliability of cloud computing. In February and July of this year, Amazon's "Simple Storage Services" (Simply Storage service, short S3) two outages, resulting in a network of single storage services to the Web site was paralyzed. Amazon explains that service outages are the result of an increase in the number of authentication requests, and that the S3 problem prevents new virtual machines from registering on the computing cloud so that some virtual machines fail to start. For these in the start-up period, the company's users stickiness is not small enterprises, the loss of the site paralysis is very easy to shake their confidence.

In July this year, Google Apps, which is thought to be replacing traditional apps such as Microsoft Office, interrupts services, and users ' files can only "Stay" in the cloud; in August, Google's cloud computing services were in serious trouble, Services such as bloggers and ToolStrip have been in service for a long time, and Gmail services have been shut down three times in two weeks, with disgruntled users flocking to the Twitter site to complain. Google research, this is mainly because of Gmail's contact system with storage and transportation loss problem, resulting in Gmail mailbox can not download the normal data.

Cloud computing mode, all business processing will be completed on the server side, the server once the problem, will cause all users of the application can not run, the data can not be accessed. Due to the timely repair of network engineers, the time to solve cloud failure is not long, but enough to serve as a warning to cloud computing. After all, these cloud services are very large, in the wake of the problem, it is easy to lead to internet users of the cloud model of suspicion, shaking the user's confidence in cloud services. This shows that if the reliability of cloud computing and security of the soft rib can not be well resolved, the popularity of cloud computing is still a long way to go.

Clouds of Sorrow

In response to the cost, reliability and security of cloud computing, Jeff Keltner, Google Apps business development manager, retorted: "People think driving their own cars is more comfortable than flying, but statistics show that it's safer to fly." When we think of cloud computing, we should compare the risks of cloud computing with the risks of existing business environments. ”

But CIO Carolyn Lawson of the US-Nepal Public Utility Commission apparently disagreed-"from the government's point of view, we don't migrate all the data to the cloud because our data includes personal Social Security numbers, driver's licenses, information about children, etc. The public will give us their personal information and hope that we can protect the information well. If we give this information to a cloud company and the company illegally sells it, how do we solve it? We have to take this responsibility. ”

At this stage, the cloud computing model seems to be better suited for those who need computing power urgently because of new projects, they can mobilize all the computing instances in the cloud environment and turn them off when they are not needed.

On the other hand, "cloud" applications are also a way for certain industries and users not to choose. In the area of anti-virus software, the rapid spread of the virus in the user terminal set up the virus is overwhelmed. "How to solve the problem of a new virus every 3 seconds is the reason why the trend started to cloud technology." If we simply take the traditional approach, we feel that there is no way to solve the problem. "Oscar said.

In practice, most companies in developed countries already have infrastructure that relies on traditional hardware, software, and conventional methods of work, and some have even established local data centres for existing local data and operations; in Southeast Asia, India and China, small and medium-sized enterprises rarely have complex clients Server infrastructure. Moreover, the price of the server continues to decline, and the continued use of inexpensive traditional device architectures is not an advantage.

Since the advent of cloud computing, the voice of doubt has not subsided. Despite such doubts, we attribute it to well-meaning questioning. After all, cloud computing is only in its infancy, with many shortcomings, difficulties and challenges more than direct benefits, but if it is easily denied, it is tantamount to rejecting the new development of the information age and killing a rising seedling. Cloud computing has many security risks and is not about persuading users not to use cloud computing. For users, it is more important to increase security awareness under cloud computing, clearly understand the risks and take the necessary precautions to ensure security.

The inheritance of the cloud

Cloud Computing announces the end of the era of device-centric computing, replaced by interconnection-centric computing. But not just in the air, by grandstanding to win praise. Because cloud computing is very similar to the concepts of public computing and on-demand computing, many people confuse them. In fact, but from the basic level, the capacity of the cloud is more broad, the cloud computing environment may actually exist in a grid, in a common computing environment, or in an on-demand calculation, but it may not be important to the users of the service, who do not necessarily know where the cloud is, but can easily use it.

The evolution of cloud computing, roughly through grid computing, public computing, software that is three stages of service. In the 80 's of the last century, grid computing developed rapidly with the Internet technology. It uses the internet to make a "virtual supercomputer" of distributed computers, with each computer participating in computing forming a "node", while the entire calculation is made up of thousands of "nodes" to form a grid that provides new services that could not have been completed before. It can be said that grid computing has pushed the IT computing world to resources and services for the first time.

At the end of last century, virtualization gradually moved from concept to application level, and public computing emerged. It uses the computer cluster which dominates the grid computing as the virtual platform, and uses the measurable business model to compute. With public computing services, all computing resources, including hardware and software, are provided by service providers, and customers can only access the required resources through a proprietary network or the Internet and pay for actual usage. Among them, the billing project includes CPU time, storage capacity, software usage and so on.

As a completely innovative software application model, SaaS begins to flourish. Users do not need to buy software, but according to their actual needs, to the provider leasing web-based software to manage business activities. SaaS providers provide Internet access to their customers while also providing offline operation of software and local data storage, allowing users to use their ordered software and services anytime, anywhere. Unlike a public calculation, it is not charged for resources consumed, but is based on the value of the application provided to subscribers.

Looking at the evolution of cloud computing, where common computing often requires infrastructure like "cloud", it focuses on business models, where companies pay only for the computing resources they use when they really need it. As SaaS software customers grow, customers consume more and more of their networked storage and bandwidth base, forcing SaaS vendors to provide more hardware resources. At this point, cloud computing's vast network of resources is the only choice for SaaS to increase capacity.

Traditional data centers require energy, cooling systems, and server racks beyond the IT resource capabilities of most organizations. The red-shift (redshift) institutions, which have grown much more than Moore's Law for computational power, are making their vast computing resources available to everyone, thus avoiding the ability of institutions to own and control very large and expensive data centers alone. After throwing the red shift theory, sun quickly dug into its own "long tail"-Data warehouse, Grid computing and other high-performance computing will be very common. The discovery also revitalized sun in the twilight and adjusted the strategy to continue a breakthrough in high-performance computing, expanding another market for a stable number of large customer services.

Sun's Papadopoulos uses energy utilities to figure out the solution to this problem: just as institutions are switching from their own power generation to buying electricity from the grid. He suggests that computing should be a public resource, with institutions sourcing the data-processing services they need from a fairly "grid" location, rather than having their own datacenter.

It can be said that grid computing takes the first step of making full use of computer resources and integration, provides a technical foundation for cloud computing; The utility model offers a typical case for the cloud computing model by using the consolidated computing resources as a measurable business and providing a possibility for the cloud computing business models. Believe that there are several aspects of accumulation, coupled with Microsoft, Yahoo, IBM and other IT giants of the exploration, research, once the industry to find a more complete security solutions, cloud computing popularization of the application of the trend will be unstoppable.