Secure Cloud Computing on Ulitzer
Security in the Ether, by David Talbot
MIT Technology review recently published a great article titled: Security in
the Ether addressing security, privacy and reliability issues resulting from
Some of the interesting points in this article include:
The cloud security threat is across two related dimensions:
i) cloud resident data may be lost due to equipment/software failure or
stolen by a hacker because of the shared resouce nature of cloud computing
ii) cloud data may be mishandled by the cloud provider because of technology
gaps, but more importantly, such information can be extracted through a court
Whether the data resident in the cloud versus on-premise makes it more or
less likely to a subpoena being exercised is yet to be seen. Bit and bytes
lost accidentally or intentionally have a st... (more)
Gateway Sessions at Cloud Expo
Security has been on the forefront of discussion in the technology community
as being the primary concern gating enterprise adoption of cloud computing.
Although this is a valid concern, most cloud providers, owing to the security
demands of maintaining a multi-tenant infrastructure, provide strong security
provisions, perhaps better than an enterprise's own data center.
Legal, compliance and process issues become more significant rather than
technical security concerns.
Moving into 2010, reliability will be a higher concern for enterprises.
Recent ou... (more)
The Cloud Security Alliance (CSA) published Version 2.1 of its Guidance for
Critical Areas of Focus in Cloud Computing with a significant and
comprehensive set of recommendations that enterprises should incorporate
within their security best practices if they are to use cloud computing in a
The Guidance provides broad recommendations for operational security concerns
including application security, encryption & key management, and identity &
access management. In this article, we will consider security implications of
REST- and SOAP-based communication between co... (more)
According to Massimo Pezzini, VP and Gartner Fellow, "Federated SOA is a
systematic approach to large-scale, enterprise wide SOA that enables
organizations to integrate semi-independent SOA initiatives.
Often used to fix an initial lack of coordination, federated SOA should be
proactively pursued from the inception of major, strategic SOA initiatives."
-- Divide and Conquer: Taming Complexity Through Federated SOA.
Successful enterprise SOA implementations build on a set of localized,
project-level efforts with services that have clearly identified and
accountable business and te... (more)
If you're having trouble getting your head around a single cloud deployment,
please feel free to skip this article.
Now if you're someone who thinks that most IT resource will eventually live
in a private or public cloud-based domain, you're not alone, and you may
start looking into how best to work in a multi-cloud environment.
Paul Krill's article "Cerf urges standards for cloud computing" highlights
cloud interoperability and portability issues discussed by Vint Cerf,
co-designer of the TCP/IP protocol that forms the back bone of modern
It behooves us to conside... (more)