RSA attendees interested in cloud computing
The giant paranoia-for-profit fest known as the RSA Conference kicked off today in San Francisco, and cloud computing is drawing heavy interest. The Cloud Security Alliance's five-hour session was reportedly turning people away at the door for the keynote.
The CSA announced a peer-reviewed paper, entitled "Top Threats to Cloud Computing," that outlines major challenges to providing and using cloud computing. Its choice for number one was the "abuse and nefarious use" of cloud to provide spammers and bot herders access to massive pools of computing firepower. Number two was insecurity at the technical level for cloud providers who didn't mind their APIs, and number three was "malicious insiders."
"This threat is amplified for consumers of cloud services," it said.
The report cited the lack of transparency and highly automated use of clouds as a reason to fear a provider's employees, much as one might fear the janitor at the gym; only with cloud computing, you're not encouraged to bring your own lock. Fortunately, or perhaps worrisome, "No public examples are available at this time."
Skytap offers transparency in virtual networking
Skytap announced it will now include full-featured virtual networking in its user-created virtual computing environments. Users can now enjoy the same level of simplification and stout transparency they have with firewall and network appliances on Skytap's cloud.
Novell wants to give cloud providers a stamp of approval
Novell announced the launch of the Trusted Cloud Initiative (TCI) in conjunction with the CSA. Currently a work in progress, the aim of the TCI is to generate a security stamp of approval for cloud providers. Details on how they might to this for the dizzying variety of providers and technologies that currently rock the "cloud computing" lingo are still to be worked out. We await their progress; we hope it's doesn't end up being an expensive, limp, proprietary rubber stamp.