Cloud Security: Danger (and Opportunity) Ahead

19.05.2009

Some may add the following:

"and available via the Internet"

I will treat the second part of the definition as optional, for the purpose of discussing security. I find that the connectivity method here is secondary to the basic tenets of security, and thus am able to include locally virtualized machines in the discussion.

Generally, the purpose of cloud computing is to avoid the expense involved in building or acquiring the infrastructure. Similarly, when deploying virtual machines, one does not buy multiple servers or separate processors. I find the computing slice concept -- which includes storage, processing power, etc. -- to be a compelling one. In the near future, I predict that we will not even CARE whether the computing slice resides locally or across the world. As long as the computing service is provided in a timely and efficient manner, we will be satisfied.

When dealing with cloud-based delivery, the problem with security grows. Instead of having direct control over our concept of "defense in depth," we now have marginal control at best. Many times, such as with AmazonAmazon's EC2 service we have virtually no control, no pun intended. We sometimes do not have even the basic notification of something about to go wrong or something that has. Alles zu Amazon auf CIO.de

Zur Startseite