Google Site Search


Friday, April 10, 2009

Bruce Schneier on Cloud Security

Bruce Schneier terms the cloud to be a marketing hype and cautions companies to watch out in his interview.

Anil's opinion is:

Cloud has some interesting uses mainly for data intensive verticals such as the drug industry. The following article (requires free registration) in the Information Security Magazine, talks of one such use case where a drug researcher at Eli Lilly got his research done for a sum of $89 (using the Amazone EC2) - his own private data centre would have cost a billion and taken months to set up.,296894,sid14_gci1349671,00.html

In my opinion, the industry needs to address the security in the cloud (via groups such as the Cloud Security Alliance). We cannot just write off the cloud as a hype given useful use cases such as the Eli Lilly case.

Since sensitive data is going to flow around unknown corners of the cloud, it is imperative that encryption (and hence Key Management) becomes an hot topic of the day in the cloud. Apart from that, establishment of trust models is necessary to gain confidence. You may trust the prominent cloud vendors but what about those entities these vendors rely on, to provide their services?

Sunil Madhu, Chief Security Architect, Cisco Policy Unit has the following response to Bruce's interview:
"I agree with Bruce that the word "cloud" is a buzzword. Essentially the cloud is nothing more than a virtual, dynamic -- what I have termed, "commoditized" -- data-center. However let's not confuse the cloud with the traditional data-center. The cloud has aspects of the traditional data-center and dare I say it -- the mainframe computing environment.

Elastic compute/storage capacity, dynamic machine on-boarding/off-boarding, template-based machine composition are all features specific to the cloud environment and not the traditional data-center. With the elastic compute/storage capacity comes additional savings through new subscription/licensing models and pay-as-you-go computing.

Think about this: if you run a service in the traditional data-center, you are forced to buy/lease sufficient infrastructure to meet your peak load scenarios -- such as during the start of the day, intra-day or during a fail-over scenario. You would have to plan for this capacity in advance and spend $$$ on redundant infrastructure accordingly. With the cloud, your compute/storage capacity is elastic -- so you don't have to buy/lease the infrastructure you don't need since the environment itself will expand and contract to meet your load demands. This is a feature that the mainframe-folks will be quite familiar with. Your compute resources go to the parts of your applications and services that need that capacity, on-demand, but at a lower TCO than the mainframe environment.

As for the whole debate about security -- common sense should dictate that just because you are moving from one type of data-center to the next does not mean that you should abandon the security best-practices developed over the last decade. The cloud does pose some new challenges, but then innovation always comes to the rescue. Good architecture and design teaches you to look at attack-vectors as a way of constraining aspects of the design. I have heard the argument that "...if you use a proprietary program or somebody else's web server, you're defenseless..." all too often before. In the past 10 years, how many operating systems did you write yourself? How many IT/IS solutions did you opt to by COTS vs. build yourself? If your own developers were to build your very own OS and your web-server, does that make your software more trust-worthy than something off the shelf? Ever heard of the term "back-door"? This is fear-mongering and I don't at all agree with it. A key take-away from the open-source community it is that transparent software can be made secure and trustworthy more easily than opaque, proprietary software.

Not all applications are suitable to the dynamics of the cloud and not all cloud-providers in themselves are suitable to help you meet 5-nines SLA, although most cloud providers promise at least 4-nines of availability. As you re-engineer/tweak your applications and services to migrate them to the cloud entirely or opt to utilize a hybrid model, make sure that you are following the same security best-practices you would do normally. The are plenty of reputable service providers for the cloud, some with innovative solutions. Indeed, the security vendors of old are slowly moving their wares to support the cloud albeit slowly.

It is a brave new world, but one that will emerge out of the hype-cycle as operational model of choice for today economy and tomorrows services IMO.

Yes, it is a brave new world.

No comments: