Talk about trend technology and some of the interesting work that IBM has done

51cto.com Exclusive Translation I'm beginning to think that the fear of cloud security is a bit exaggerated. Reason？ Because a smart framework for protecting data, applications, and connections is already there. It's called "encryption." is now in development, and is nearing perfection is a set of agreed implementation and best practices. With this article, let's talk about some of the relevant and interesting work of trend technology (Trend Micro) and IBM. As for trend technology and IBM, we can add this comment in addition to the industry leader identity: Most security product sellers and cloud service providers themselves are also studying cloud computing security. Hindering the writing of a roadblock about cloud security people tend to choose to shut up and not talk about the subject because security is a matter of importance. As the old saying goes: "If I told you, I'd have to kill you." "In addition, there are a variety of different activities, it is difficult to the direction of security issues a holistic grasp." Therefore, my attempt to cram all the relevant topics into this "encrypted" pocket is a summary attempt, and an induction of these activity junction points to try to find out some meaning. When I want to combine all the complex and comprehensive articles, I find that all I can do is provide some incomplete fragments. So I'm going to list very interesting three points below, though there is no close correlation between them. 1. Encryption has been used first, I received a reminder from my readers (comments from my previous blog) about his use of encryption to protect the cloud connection. "I've been using Amazon WEB services since the beginning of 2006, and I can only talk about it from my experience, but all the tools are there, only they are used." For example, you can use the rotation key (rotating key), I like the private VPN best. If you already have a well-functioning security architecture, you can now use private VPNs from within your existing systems to extend Halo resources without having to be open to your system. In the early 80, we encountered many of the same problems when we connected those annoying LANs through an SNA gateway to a host system that could be transacted. "2. The improved cloud encryption technology is being studied. My friends in trend technology have hinted that they are doing some functional work in the future for some uncertain date (I would like to clarify that they haven't talked about going into production) and they will provide encryption for public cloud computing. These studios are based on the Technology of Identum Ltd, a British company hatched at the University of Bristol (Bristol University), which was bought in 2008 by Trend technology. Identum's technology forms the basis of current e-mail encryption solutions for trending technologies.Indentum's encryption experts are now involved in the study of cloud computing. This basic and very powerful idea is to provide an encryption agent for each virtual computing instance. In this way, each virtual machine (VM) will have its own hosting manager to ensure the correct application of the encrypted security resource. In essence, the biggest benefit you get in this way is the automated application of security policies everywhere. Therefore, you will have cryptographic key management that is built into the process, and you don't have to worry about the unprotected virtual machine instances of your computing resources. 3. Tempting 3rd for 3rd, I really can't think of a suitable title, only use it. From the second generation of trend technology to this section on IBM, I should say that encryption key management is not trivial. You can imagine that all cloud security relies on the ability to generate and distribute these keys while keeping them from falling into the wrong hands. Hackers are not able to hack your keys, invade your security system, and what they do is steal these keys. This is the result of IBM's research on homomorphic cryptography. See this press release: IBM researchers have solved the long unresolved cryptography challenge. This is a very difficult topic, and I can restore it as much as I can, and IBM's breakthrough is that it allows users to send encrypted data in every area of the cloud, manipulate it in any way you want, and eventually you can still decrypt it. At present, there are strict restrictions on what can be done to encrypt data, because some operations can make the data a mess so that it cannot be decrypted again. Why is this a problem? Because you want to process the encrypted data as long as possible without having to restore it to a simple visible format. That way you don't have to spend time on a key, or, more damaging, provide those keys to someone you can't confirm whether or not you're trustworthy. The problem with IBM's research is that it doesn't confirm that they've solved the problem. Longtime authority Bruce Schneier points out that their work is theoretically impressive, but completely unrealistic. At any rate, IBM has found a fulcrum to push this thing forward. Finally, I'd like to recommend a good article to you, George Reese's "20 Rules for Amazon cloud security." The basic point of his essay is "Encrypt Everything" and use the decryption key only on the surface of the simple instance you are using. "51cto.com exclusive translation, reproduced please specify the source and the author!" The