Key cloud computing trends and enterprise security
by Mirko Zorz - Monday, 12 August 2013.
Dan C. Marinescu is the author of Cloud Computing: Theory and Practice. He was a Professor of Computer Science at Purdue University in West Lafayette, Indiana from 1984 till 2001 when he joined the Computer Science Department at the University of Central Florida.

In this interview, Marinescu outlines a variety of interesting facts about cloud security, illustrates how the cloud has shaped enterprise security, and provides insight into key future trends.

How has cloud computing shaped IT since it stopped being just a buzzword?

There is little doubt that cloud computing has revolutionized our thinking about information processing and information storing; its impact on the activity of many organizations, large and small, as well as on individual application developers, is a proof of the economic benefits of the new paradigm.

The very large number of applications running today on clouds show the appeal of virtualization, when users work in a familiar environment rather than being forced to operate in an idiosyncratic one.

The cloud computing landscape is continually changing, new services are offered and new providers enter the scene, increasing the competition among CSPs (Cloud Service Providers). But more work needs to be done. Improved security and a higher degree of assurance, performance isolation, and solutions to the problem of vendor lock-in and interoperability standards are at the top of the list of cloud users concerns.

Robust and economic solutions for cloud resource management, the ability to support elasticity without over-provisioning, security and reliability of the cloud infrastructure, and effective cost models are the main problems for the CSPs. In turn, both users and service providers would welcome the elimination of some of the inefficiencies related to resource virtualization and effective means to support interoperability.

The standardization efforts underway face many technical, business, and legal challenges. It is also unclear if standards based on the current state of the art in cloud computing will not have a negative effect and discourage future innovation.

How has the cloud affected enterprise security?

Security and privacy top the list of public cloud users concerns. It is impossible for a user to have a complete picture of all the operations affecting the data stored and processed on the cloud. Confidential data can be accidentally disclosed to a third party when files are replicated or moved from one storage device to another and the space where it previously resided is not annihilated. Accidental disclosure is also possible when the physical memory of the pages of one process is not scrubbed, before being allocated to the pages of another process.

Clouds are also vulnerable to the traditional threats of systems connected to the Internet and to problems caused by malicious insiders. Auditability is still a distant dream for the cloud systems we are familiar with. These facts limit the appeal of cloud computing for many organizations with strict security and privacy requirements.

Spotlight

New Zeus variant targets users of 150 banks

Posted on 19 December 2014.  |  A new variant of the infamous Zeus banking and information-stealing Trojan has been created to target the users of over 150 different banks and 20 payment systems in 15 countries, including the UK, the US, Russia, Spain and Japan.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Mon, Dec 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //