Information Technology Reference
In-Depth Information
With the advent of cloud computing, we can see the deployment of very large-
scale distributed systems offering a range of novel and exciting new services,
including interesting new paradigms for large-scale computation. Furthermore,
distributed systems are becoming significantly more heterogeneous spanning very
small devices embedded in the physical environment around us through data
centres housing massive cluster computers. Users of distributed systems are often
mobile, resulting in significant context changes over time, which the system
must adapt to. Networking technologies continue to evolve with, for example,
the emergence of a range of new ad hoc networking techniques and peer-to-peer
approaches to implementing core network services.
Distributed systems are also being challenged by the new styles of applications
and services now being considered. A key illustration of this is the rapid emer-
gence of social computing, that is supporting social behaviours in distributed
systems through tools such as wikis, blogs and social networking sites. Social
computing is also now being taken a step further as the associated tools exploit
the emergence of mobile devices and also start to embrace the new potential
offered by ubiquitous computing.
Security is a key concern in Cloud Computing. The common use of virtual-
ization introduces a new layer between software and hardware and this in turn
introduces a new layer which can be potentially compromised. Other concerns
with cloud include managing and verifying the identity of the clients who use
cloud infrastructure, privacy of data contained in the cloud, physical access and
security concerns for the remote hardware, availability of resources and legal is-
sues as cloud technology separates the physical location from where the services
are being used.
4.4 Security
Security is increasingly becoming a fundamental part of software development
rather than simply a functional requirement. It is becoming understood that
with increasingly open and networked systems, security is a primary system re-
quirement and it needs to be designed into the software from the ground up, and
needs to be examined and addressed on an on-going basis, as the environment
evolves and new types of threats become apparent.
Risk Management is key to the process of assessing and managing the security
risks associated with the software systems of an organisation and planning how
to deal with events that may occur. This is a particularly important process
for eternal systems as by their nature, both the systems and their environment
evolve over their (long) lifetimes, and the risks faced change and the risk manage-
ment process needs to handle this change and also adapt as new risks occur and
older risks are no longer relevant. For this reason, to be effective, risk analysis is
an on-going requirement.
A new branch of software engineering, Security Software Engineering focuses
on integrating security-centric processes (including awareness and training) into
all aspects of the software development process. In particular, the focus of the
research community is shifting towards dealing with security concerns as early
Search WWH ::
Custom Search