Is Secure Clouds An Oxymoron ?

Of late, I am working on the cloud security mechanisms from multiple vantage points:

  1. Cloud Security mechanics for the provider interface between a Cloud Service Provider and a Cloud Service Consumer (including various brokers)
    • Protocols, elements et al as part of the DMTF Cloud Incubator wg. Our white paper will explain a little further on the architectures
  2. Embedding Cloud Security in the network, leveraging various network capabilities – available now and in the future
  3. Cloud Analytics for compliance reporting and forensics
  4. And finally, a comprehensive view of Cloud Security
    • On this front, I did a guest lecture [Is Secure Clouds An oxymoron?] at the Naval Postgraduate School, Monterey
    • My aim was to facilitate and provoke discussions than suggest any solutions – the deep discussions will come later …
    • The room was full, excellent audience, lots of participation and some very good questions …

I will write more on this topic, especially #1. There is good amount of work happening in the Cloud Service Provider <-> Cloud Service Consumer front …

And we are starting to prototype the Cloud OS/APIs with extended semantics (including interface into our own UCS compute and policy plane) in our Cloud Concept lab (in Ruby!).

I believe that Cloud Security would be more robust if we can interface *natively* from the Cloud OS layer, with the network, compute and  storage control/management/policy planes …




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s