Article

Researchers discuss virtual private clouds, coin CloudNet

Mark Brownstein, Contributor

SAN DIEGO - A paper presented at the recent HotCloud '09 Conference proposed a method that will help overcome some of the most significant issues that some organizations have towards cloud computing: Control over network resources and security that is required in order to reduce the risk of computing over a cloud. The paper, entitled "The Case for Enterprise-Ready Virtual Private Clouds", is a collaborative effort between the University of Massachusetts, Amherst and AT&T Research Labs.

The issues raised in the paper were addressed in slightly different ways by other researchers (see

    Requires Free Membership to View

Private Virtualization Infrastructure and Trusted Cloud Computing for other approaches). Although all three papers describe similar concerns, each takes a somewhat different approach at attacking the issues.

More on cloud computing security:
Encryption breakthrough promises privacy in the cloud

VMsafe APIs reassure wary IT security professionals

"The separation of cloud and enterprise resources...can lead to security concerns" because "enterprise customers must utilize IP addresses on the public Internet in order to link application components in the cloud to their own sites," the Virtual Cloud paper suggested. "The lack of coordination between network and cloud resources leaves the customer … responsible for … arranging for traffic isolation and bandwidth guarantees with a separate network service provider," the paper continued.

The solution to the issues raised is something the authors call CloudNet, a framework that joins VPNs and cloud computing. The authors propose creation of what they call a Virtual Private Cloud (VPC). VPCs are created "by taking dynamically configurable pools of cloud resources and connecting them to enterprise sites with VPNs." According to the authors, a VPC can span multiple cloud data centers.

The CloudNet architecture uses two controllers that automate management of resources in both the cloud computing data centers and the provider network:

The Cloud Manager handles creation of virtual machines and manages performance within each VPC. The Cloud Manager uses several forms of virtualization, allowing physical resources to be shared across many customers.

The Network Manager is run by the network provider. It is responsible for creation and resource provisioning of the VPN. The Network Manager configures the provider edge (PE) routers to create VPN endpoints.

The Cloud Manager and Network Manager communicate with each other, coordinating the link between the network and the customer systems. The communication is also necessary when a virtual machine is migrated between cloud sites.

The authors concluded that "CloudNet can provide secure and seamless cloud resources to enterprises." This was a research paper, and no target data for actual implementation - if at all - was provided by the authors.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: