25 Jun 09
Introduction to Cloud Computing and Virtualization Security
Today the Austin ISSA and ISACA chapters held a half-day seminar on Cloud Computing and Virtualization Security. The introduction on cloud computing was given by Vern Williams. My notes on this topic are below:
5 Key Cloud Characteristics
- On-demand self-service
- Ubiquitous network access
- Location independent resource pooling
- Rapid elasticity
- Pay per use
3 Cloud Delivery Models
- Software as a Service (SaaS): Provides applications over a network
- Platform as a Service (PaaS): Deploy customer-created apps to a cloud
- Infrastructure as a Service (IaaS): Rent processing, storage, etc.
4 Cloud Deployment Models
- Private cloud: Enterprise owned or leased
- Community cloud: Shared infrastructure for a specific community
- Public cloud: Sold to the public, mega-scale infrastructure
- Hybrid cloud: Composition of two or more clouds
- Two types: internal and external
- http://csrc.nist.com/groups/SNS/cloud-computing/index.html
Common Cloud Characteristics
- Massive scale
- Virtualization
- Free software
- Autonomic computing
- Multi-tenancy
- Geographically distributed systems
- Advanced security technologies
- Service oriented software
Pros
- Lower central processing unit (CPU) density
- Flexible use of resources
- Rapid deployment of new servers
- Simplified recovery
- Virtual network connections
Cons
- Complexity
- Potential impact of a single component failure
- Hypervisor security issues
- Keeping virtual machine (VM) images current
- Virtual network connections
Virtualization Security Concerns
- Protecting the virtual fabric
- Patching off-line VM images
- Configuration Management
- Firewall configurations
- Complicating Audit and Forensics