Providing Insight Into the Cloud Computing Security, Privacy and Related Threats

Cloud Security Journal

Subscribe to Cloud Security Journal : eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Security Journal : homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Blogs from Cloud Security Journal
There have been some rather dramatic moves in the world of cyber warfare over the last couple weeks which has brought the need to for standardized interoperability & cooperation within multinational cyber defense systems to the forefront.
Today (June 25th 2009) was one of those rare days that makes you remember why elasticity is so important when architecting your web application stack. In case you don't follow the news or twittersphere, around noon eastern time came news that everyone's favorite Charlies Angel "Farrah ...
Glenn Brunette, a Distinguished Engineer at Sun Microsystems has just informed me of a new project released earlier today called "OpenSolaris Immutable Service Containers" which may form the basis for what he describes as "Autonomic Security". According to Brunette using Immutable Se...
In describing my theory on the Cloud Multiverse, I may have missed the few obvious implications of using the prefix "multi" or consisting of more than one part or entity. Although the Cloud Multiverse thesis suggests there will be more then one internet based platform or cloud to choos...
Well IBM has gone and done it, they've announced a cloud offering yet again. Actually what's interesting about this go, is not that they're getting into the cloud business (again) but instead this time they're serious about it. And like it or not, they're approach actually does kind of...
Something interesting happen this past weekend in the new world of cyber warfare. More specifically, the emergence of the social web as the key tool in what can only be described as the first cyber revolution.
Something interesting happen this past weekend in the new world of cyber warfare. More specifically, the emergence of the social web as the key tool in what can only be described as the first cyber revolution.Yes, I know this sounds crazy, so let me explain. Over the weekend the Irania...
Virtualization and cloud computing are promising to change the way in which IT services are delivered and, in effect, transform computing as we know it today. I think the promises are likely to come true, if and only if critical technology issues are addressed. Nicholas Carr told a...
A lightning storm caused damage to a single Power Distribution Unit (PDU) in a single Availability Zone. While most instances were unaffected, a set of racks does not currently have power, so the instances on those racks are down.
Yesterday John Foley at InformationWeek wrote a post about how cloud computing is becoming more global as businesses in other parts of the world are discovering the cloud. Like most of Foley's articles, it was very insightful and did make me stop and think. But in someways I think he's...
Over the past five and a half years since Enomaly was formed, I have had the honor of fostering relationships with unique characters in the burgeoning hosting and visualization world. During that period of time, a few individuals have stood out from the rest who have left a profound im...
I'm happy to announce that IBM has created a new Cloud Computing Working Group focused on creating interoperable cloud usage scenarios. IBM described this new effort as "an experiment in group authorship"
Recently I posed a questions, is there an opportunity to create a common or standard Cloud Performance Rating System? And if so, how might it work? The feed back has been staggering. With all the interest in a Standardized Cloud Performance Rating System concept, I thought it was time ...
I usually try to avoid posting rumors but this one is particularly interesting, I first heard about it a few weeks back but recently had independent confirmation. Word is Amazon's legal team is currently "investigating" open sourcing their various web services API's including EC2, S3 e...
Busy day for cloud interoperability related news. Google just announced a new service called Google Wave, described as an open communication and collaboration platform & protocol based on hosted XML documents (called waves) supporting concurrent modifications and low-latency updates. I...
The National Institute of Standards and Technology (NIST) recently released a draft "Guide to Adopting and Using the Security Content Automation Protocol" (SCAP) for public review. The guide takes a close look at what they describe as "the need for a comprehensive, standardized approac...
Earlier this week NASA took the wraps off a new Cloud Computing platform called NEBULA, or what I'm calling the (Space Cloud). Described as a way to manage research-class computing capacity. NASA describes NEBULA as "a Cloud Computing environment integrating a set of open-source compon...
The cloud hosting & service provider market seem to be becoming the key battle ground for cloud enablers formerly known as virtualization vendors. Following upon recent announcements from VMware and Cisco, Citrix has announced a Service Provider Program aimed squarely at service/hostin...
As someone who has been following cloud computing since the start, there have been a few key moments in the progression of cloud computing from a fringe term to main stream concept. Among these include August 2006 with the private beta launch of Amazon EC2, June 2008 with what is now d...
Lately we've been on a roll within the cloud interoperability movement. With the recent inclusion of interoperability & portability guidelines within the new Federal Government's cloud computing mandate or the long list of supporters publicly speaking / advocating for interoperability....
I'm happy to be able to disclose today that the Federal Government of the United States released its cloud computing RFI earlier this afternoon. Enomaly was fortunate to have been included in recent consultations with the government, and we've been impressed by the vision of this admin...
From governments to the ordinary individual the Internet has become central to our personal technological identity. The term "cloud" has become an all encompassing buzz word open to interpretation meaning everything and nothing, meaningful and meaningless.
For nearly as long as the internet has been around there have been private subnetworks called the darknets. These private, covert and often secret networks were typically formed as decentralized groups of people engaged in the sharing of information, computing resources and communicati...
Late last year I received a phone call from McKinsey & Co in regards to helping provide some insights into the cost benefits of moving to a cloud computing environment. For one reason or another we were not able to connect to complete the discussion, which after the last couple day...
I was just informed of an interesting cloud security alliance created by Nils Puhlmann & Jim Reavis. I can't help but wonder if anyone is going to complain that they did they did this without community involvement? Regardless, this seems like a great idea.In a post, Chris Hoff tak...
It is with an eye toward an open future that we address the many apt criticisms levied at the Cloud Computing Interoperability Forum (CCIF) and the difficult circumstance in which this community finds itself.As the organizers of the community, we would like to make our intentions clear...
This will seriously wake up the security community. There is increasing suspicion that Conficker will ultimately turn out to be a computing-for-hire scheme, imitating the hottest trend in the industry, known as cloud computing, in which companies such as Microsoft and Amazon sell compu...
I'm back from Stockholm and starting to get caught up with my various blog reading. In one of the more interesting posts, Ken Fischer asks a very thought provoking question on his web 2.0 blog, his question is simple yet far reaching, "What would be the economic impact of google mail ...
University of Berkley has published an excellent paper on cloud computing, the argument regarding data security in the cloud is that encrypted data in the cloud can be more secure than unencrypted data in the internal datacenter.  Almost nobody uses encryption in internal datacent...
Cloud Semantics: The formal description of the concepts, properties, vocabulary and relationships of cloud computing. Open Source Cloud Computing > http://www.enomaly.com | Twitter Me | Get Linkedin | Contact Reuven
Some interesting discussions recently on the topic of attacking the economic viability of cloud computing. Christofer Hoff, a popular security blogger and Chief Security Architect at Unisys has coined a new approach to the use of so-called "cloud based denial-of-service attacks" or w...
Interesting news on the cloud / virtualization security front. Christofer Hoff over at the Blog Rational Security is reporting that the PCI Security Standards Council will form a Virtualization / Cloud SIG. In case you're not familar with the PCI Security Standards Council, they are a...
My upcoming article, part - 3 data center predictions for 2009, has a slideshot talking about the transition from the current age to the cloud computing age to eventually the ideation age- the age where you will have clouds that will emote but they will have no internal employees.Bigge...
In my upcoming keynote on Cloud Computing and Privacy, I will take you all down the road of privacy. How privacy has evolved through centuries and where we stand today. I have repeatedly stressed on the RCC, a Regulated Cloud with its Keynesian touch and with acceptable levels of, with...
I am doing a couple of calls with some investors who are suddenly willing to bet on several open source parties or parties who have strong open source offerings. These parties could be open source vendors or could be parties that may have some open source or free hypervisors such as VM...
The ArchitectureCloud AV is the future in Anti virus technology .Soon desktop anti virus software could become history. Here’s are the details .Currently Anti virus software is installed on every end users machine in an organization. This limits only one anti virus could be installed o...