Clearing the Cloud 3: Some Security What-Ifs

Security expert Ariel Silverstone continues his series on the threats facing the cloud and how best to secure it.

By Ariel Silverstone
Wed, January 13, 2010
. What's this?

CSO — In the first in his series of "Clearing the Cloud" columns, security expert Ariel Silverstone explored the dangers of jumping too soon into cloud computing. In the second article, he defined relevant risks that we must consider when implementing cloud computing and promised to show us some solutions. In this article, he continues his vision on how to manage and secure cloud-computing solutions.

In the sections that follow I will put forward some ideas on how to resolve issues defined in my two previous articles. I will also attempt to show some of the security-related benefits we can garner from the use of cloud computing, especially those that we could not, or could not easily, do before.

The approach

Part I -- A Cloud OS:

In the early days of such companies as NetApp (NTAP) and EMC (EMC), one of the largest challenges faced by hosting providers was how to allocate, measure and control, bit/strip/block assignment to a specific user, and how to protect such elements from unauthorized access/modification, erasure and disclosure.

Such concern led, ultimately, to elaborate control systems, and to the concept of the Filers. Today, every large enterprise uses those tools and concept, usually seamlessly, and provides online and near-line service to its users and customers.

Let's do the following:

-- Create a bucket numbering and identification system where

1. Such identification is created on the fly

2. Such identification has a lifespan that terminates when the utility of such bucket terminates

3. Such identification is inherited to a backup medium (tapes or other identically copied buckets)

4. Such identification is done with consideration as to the ownership (process, user, organization, etc) of data in that bucket

5. Such identification is based on a federated model, where different physical locations, and even Cloud service providers, can understand, accept, and act upon each other's schemes

6. Optionally, such identification is tied to a digital certificate scheme

-- Implement a tethering scheme, a-la DRM, but much more user friendly, to monitor, pull, identify and allow/disallow access to such buckets

-- Implement an in-bucket modular encryption ability

-- Apply a monitoring, auditing, measuring and reporting mechanism

-- And finally allow relationships and some property inheritance between buckets.

Part II -- A Reference Model

Needing a presentation model is not something I can discuss here -- cloud computing is too early a concept to divine whether one will be needed. So let's start with the others:

1. Physical: For the first time in the history of computing, we could care less about the physical side of operations in this model. The physical (or rather the meta-physical in the case of Cloud Computing), is simply not relevant. Neither CISCO UCS nor VMWare, neither 3Tera's excellent product nor the IEEE's 802.11 definitions actually require, define, or mandate any particular Physical element to Cloud Computing. We should celebrate -- one step closer to Cloud Nirvana.

Continue Reading

Originally published on www.csoonline.com. Click here to read the original story.
What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
White Papers »
How Much Containment Is Enough?
Achieving an optimum degree of airflow containment cannot be reached through a one-size-fits-all solution. The true measurement of any containment solution is dependent upon using a Hot Aisle, Cold Aisle or Cabinet Containment strategy that has been optimized for airflow, static pressure, leakage, bypass air and temperature variance.
Fast Track your Access to Business Intelligence
Identifying the right configuration and deploying complete, scalable data warehouses can be a time consuming, costly and error-prone process. Success ultimately depends on the ability to deploy a system that can support an expected level of performance - then allow that performance to scale linearly as needed.
Best Practices for Implementing a Data Warehouse on Oracle Exadata
Increasingly companies are recognizing the value of an enterprise data warehouse (EDW). A true EDW provides a single 360-degree view of the business and a powerful platform for a wide spectrum of business intelligence tasks ranging from predictive analysis to near real-time strategic and tactical decision support throughout the organization. Ensuring the EDW will get the desired performance and will scale out as your data grows you need to get three fundamental things correct, the hardware configuration, the physical data model and the data loading process. By correctly designing these three corner stones you will be able to create an EDW that can seamlessly scale without constant tuning or tweaking of the system.

By using the Oracle Exadata Database Machine as your data warehouse platform you have a balanced, high performance hardware configuration. This paper focuses on the other two corner stones, data modeling and data loading, providing a set of best practices and examples for deploying a data warehouse on the Oracle Exadata Database Machine.
Oracle: Big Data for the Enterprise
Analyzing new and diverse digital data streams can reveal new sources of economic value, provide fresh insights into customer behavior and identify market trends early on. But managing this influx of new data can be a challenge. To derive real business value from big data, you need the right tools to ca! pture and organize a wide variety of data types from different sources, and be able to easily analyze it with your enterprise data. By using the Oracle Big Data Appliance with Oracle Exadata, enterprises can acquire, organize and analyze all their enterprise data to make the most informed decisions.
Oracle Database 11g Product Family
By deploying Oracle Database 11g within their IT architecture, organizations can leverage the power of the world's leading database to reduce their server and storage costs and improve quality of service. Read this white paper to get an overview of the Oracle Database family of products and learn how you can transform your business, budgets, and service levels with Oracle Database 11g Release 2.
Oracle Real Application Testing 11g Release 2
Real Application Clusters with Oracle Database 11g, enables a single database to run across a cluster of servers, providing unbeatable fault tolerance, performance, and scalability with no application changes necessary. This white paper provides a technical overview of Oracle Real Application Clusters 11g Release 2 with an emphasis on the features and functionality that can be implemented to provide the highest availability and scalability for your enterprise applications.
Webcasts »
Enterprise Data Warehouse Appliance (EDW)
Join IDC Analyst Dan Vesset and HP Senior Architect, Jeff Spiller, as they discuss the rise of analytics, the impact of big data and need for scalable enterprise solutions. Learn about the HP Enterprise Data Warehouse appliance, which offers massive scale at low cost for single rack appliances up to large scale Data Warehouses. All while providing a single view of information across your enterprise that scales with your data, improves query performance and reduces IT cost over traditional data warehousing offerings. Featuring Intel® Westmere processors. View the entire webcast or only the chapters you desire.
Appliance video
The first appliance in the industry which consolidates and manages thousands of databases, integrates hardware, software and support and is scalable to meet your changing business needs.
Database Consolidation-SQL Server Appliance and Building Your Private Cloud
Please join guest speaker IDC Analyst Carl Olofson as he discusses Enterprise Data Center challenges and why database consolidation is important and necessary. And hear from HP expert Joe Sullivan, who will discuss the HP Database Consolidation Appliance and how it addresses enterprise industry challenges. Joe will provide an overview of product architecture and details on how the appliance enables companies to build their own private cloud. This webcast will provide the latest information for simplifying your data management needs while reducing costs.
Gaining A Competitive Advantage With Your Data
Fact: The demand to respond faster and with greater insight to business demands, based on data, is increasing. Fact: More organizations are turning to business intelligence (BI) and data warehousing for insightful decision-making.
Leverage automation today to reduce IT complexity
Date: Tuesday, June 5, 2012, 2:00 PM EDT

Whether your B2B complexity is caused by multiple technologies due to M&A, business or application specific needs or traditional under investment, the net effect is usually the same: high cost and lower productivity. Enabling business-to-business (B2B) integration using point-to-point EDI translators is usually time intensive and cost prohibitive.

Join IDC's Maureen Fleming and SAP for an insightful Webcast on the different approaches companies are taking to B2B integration and how you can ask the right questions to reassess you B2B approach.
Delivery Management -- Extending Lifecycle Management
Date: Wednesday, June 20, 2012, 1:00 PM EDT

Siloed organizations continue doing the wrong things and doing things wrong, leading to increased costs, project delays, lower quality, and time-to-market delays. Providing a collaborative platform where the whole organization can prioritize, share and manage deliveries with more transparency can help the organizations make more informed decisions at all levels, and greatly improve communications and traceability between teams. Hear from application lifecycle management experts how to increase delivery efficiency and effectiveness with a new approach to Delivery Management.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

How Much Containment Is Enough?

Fast Track your Access to Business Intelligence

Best Practices for Implementing a Data Warehouse on Oracle Exadata

Oracle: Big Data for the Enterprise

Oracle Database 11g Product Family

Oracle Real Application Testing 11g Release 2

Backup and Recovery Performance and Best Practices for Exadata Cell and the Sun Oracle Database Machine

BDW IDC White Paper

An Introduction to the HP Business Decision Appliance

EDW Solution Brief

BDA solution brief

HP Business Data Warehouse Appliance

Mobile Middleware Strategies

Native & HTML5 Mobile Apps: Not an either or, but a where and when

The Evolution of Enterprise Mobile App Development

AlertBoot Case Study

Gilt Groupe Case Study

See Tickets Case Study

STA Travel Case Study

Socialbomb Case Study
Sponsored Links

High performance. Delivered. Click to see Accenture's client successes

Master the cloud with the power of convergence from HP

Connect with IT leaders redefining mobility at the Enterprise Mobile Hub

Choose New and manage one device instead of 170

Choose New for 8x the firewall and NAT performance

Check out a smart way of mobilizing your business with enterprise-ready Samsung Mobile.

Redefine your data center with HP servers.

Enhance your business with Windstream IT Solutions. Speak to someone local.

BlackBerry® Mobile Fusion. Different mobile devices. One platform.

CYBERMARYLAND | Learn Why Maryland is the Epicenter for Cybersecurity

Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class

Cognizant. Leading in Business, Application & Technology Services

Collaboration: driving better business outcomes

Gain cutting-edge insights at MIT in 2-5 day executive programs.

Click to see how Accenture has delivered high performance to clients

Complimentary Gartner Report on BYOD: Media Tablets & Beyond. View Now

Elevate storage agility and efficiency with HP 3PAR storage.

Choose New and slash the number of devices you manage

Customized information views & Twitter events at New Fulcrum Point

Splunk translates machine data into "aha" moments for IT and the business.

ManageEngine Desktop Central - Automate and Audit Your Desktop Management! Learn More...

Cloud Readiness Starts with Intel® Technology

Visit the Virtually There Learning Page to learn how to use virtualization to your competitive advantage.

Free: Hunter Muller's "The Transformational CIO."

Join us for an upcoming Microsoft 365 live online demo event.

Discover your easiest path to unified communications

Virtualizing Your Infrastructure Just Got Easier

Connect with global CIOs now at Enterprise CIO Forum

Resource Center
buy a link »
Ads by TechWords