Information Technology Reference
In-Depth Information
The Green Grid
The Green Grid (
www.thegreengrid.org/about-the-green-grid.aspx
)
is a collaborative organization committed to bringing together technology/service providers,
utility companies, facility architects, cloud policy makers, and end users to present a set of
standards. These standards aim to improve the resource utilization efficiency of data centers
and cloud computing ecosystems.
Cloud Security Alliance (CSA)
CSA (
https://cloudsecurityalliance.org/about/
)
presents best practices for cloud computing security with a special focus on cloud applica-
tions and data security. CSA also provides education on the uses of cloud computing. CSA
is led by a broad coalition of industry practitioners, corporations, associations, and other
key stakeholders.
DMTF Open Virtualization Format
The Open Virtualization Format (
www.dmtf.org
/standards/ovf
) suggested by the Distributed Management Task Force (DMTF) provides
a method for migrating virtual machine images from one platform to another. The aim of
the Open Virtualization Format is to provide a simplified and error-free VM migration and
deployment across platforms.
SNIA Cloud Data Management Interface (CDMI)
The Storage Networking Industry
Association (SNIA) provides the CDMI specification (
www.snia.org/cdmi
), which defines
the functional interface that applications can use to create, retrieve, update, and delete
data elements from the cloud. CDMI provides protocols that describe how an organization
can use this interface to manage containers and the data and metadata that is placed in
them. The protocol also describes how data should be moved between public and private
cloud environments. The International Organization for Standardization (IOS) has already
approved the CDMI.
For both academia and industry, IEEE P2301 and P2302 should serve as the preferred
guidelines to follow. For additional guidance, the NIST Cloud Computing Standards
Roadmap can be consulted to acquire government-recommended practices and principles.
Security Concepts and Tools
In the following sections, we start by looking at common security threats and attacks such as
the ping of death, denial of service, and distributed denial of service. We then look at enforce-
ment of security through obfuscation, access control lists, and virtual private networks. Last,
we look at the options for making networks secure, such as using firewalls and provisioning
demilitarized zones.
Security Threats and Attacks
Some of the common security threats and attacks are valid for cloud computing systems
as well, though the means of attack might be different. We cover three of the most common
security attacks here: ping of death, ping flood (or denial of service), and distributed denial
of service.
Search WWH ::
Custom Search