Security vulnerability is the most frequently voiced objection to cloud computing. Everyone will readily attribute greater efficiency and effectiveness to platform or software as a service. However, the subject of security assurance is always cited as an issue for which adequate safeguards are not adequately specified. Such objections reflect an insufficient understanding of the far more demanding technical capabilities that the security of cloud computing requires.
From a policy standpoint the following views on the security issues are applicable: [1]
· Consolidation into a limited number of clouds enables secure services because the number of data centers exposed to attack is a much less than the hundreds of existing sites.
· With tightly controlled identity authorizations as wells as access privileges information can be made securely accessible to all.
· Deploying enterprise-wide standard identity and access management protocols will extends security protection from the network to the data stored on servers.
· DoD networks can be better protected from threats, both internal and external, by the ability of blocking a much smaller number of potential gaps in the information infrastructure.
· Deployment of the limited number of staff as well as of costly forensic software engaged in computer network defenses makes it possible to anticipate attacks.
· Tightly managed assurance processes, counter-intelligence, expert security management and automated command structures will ensure that military networks remain available at all times.
· The smaller number of standard cloud environments can ensure an ability to recover instantly from any attack.
SUMMARY
The security assurance of a cloud-based DoD environment is a highly technical issue. What is currently practiced as safeguarding of highly distributed operations does not apply under conditions that would prevail in a consolidated cloud-based environment.
Objections to cloud computing require the installation of unprecedented countermeasures as computing assets become concentrated into a vastly smaller number of targets. From a policy standpoint, as noted above, cloud-based computing can be protected. It will now take a very large and costly effort to proceed with implementation.
No comments:
Post a Comment
For comments please e-mail paul@strassmann.com