Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

7/25/2011
08:03 AM
Jim Reavis
Jim Reavis
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Future Clouds: Centralized Or Decentralized?

The trend might be moving toward putting more eggs in fewer, more secure baskets

Risk concentration is one of the issues to consider as cloud computing evolves. The economies of scale that have brought cloud computing to where it is so far seem to point to further consolidation and the growth in size of a smaller number of mega data centers.

When Vivek Kundra, the outgoing federal CIO, spoke at the Federal Cloud Strategy at our CSA Summit earlier this year, my favorite slide in his deck compared the federal government to IBM in data-center consolidation. Whereas both had several hundred data centers in 1997, the federal government now has more than 2,000, while IBM has 12!

It seems as though the trend is toward putting more eggs in fewer baskets -- albeit more efficient and I believe more secure baskets. But is that truly the case? I can see Moore’s Law and management efficiencies continuing to support this trend, but I think the wild card is the cost of energy. It could very well be that this is the variable cost that upsets the apple cart, and the cost of cloud services might track the cost of energy over time.

In the U.S., many data centers have been built in eastern Washington and Oregon to take advantage of cheap hydroelectric power. It is easy to imagine a variety of events that could radically change the energy cost basis of a data center.

Greater decentralized clouds could mitigate this issue, and it is not hard to imagine more sophisticated versions of the cloud-brokering solutions of today helping customers move workloads around to lower energy cost data centers. If you take this idea to its extreme, the compute power of a few million smartphones could be pretty tremendous, and the energy costs are zero. Is it possible that the future of cloud will be a significant amount of mobile clouds?

Management costs could be higher for something like this, but there have been very good examples of well-managed distributed compute networks for years; my favorite is the botnet.

I don’t know whether this is the future, but I think we need to plan for this being a possible outcome. Clouds might include a lot of untrusted, low assurance infrastructure, and thinking of our security layers in completely virtual terms is very healthy. Building security into the applications, abstracting between the different technological layers, protecting the data wherever it might go, and instrumenting every entity (virtual machines, hypervisors, data stores, users, etc.) with identity management and nonrepudiated logging technologies is essential.

None of us really knows what the cloud might look like tomorrow, so think about implementing security in a way that allows us to take advantage of its future -- or some alternate futures.

Jim Reavis is the executive director of the Cloud Security Alliance, and president of Reavis Consulting Group.

Jim Reavis is the President of Reavis Consulting Group LLC, where he advises organizations on how to take advantage of the latest security trends. Jim has served as an international board member of the Information Systems Security Association and was co-founder of the ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Breaches Are Inevitable, So Embrace the Chaos
Ariel Zeitlin, Chief Technology Officer & Co-Founder, Guardicore,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-13581
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary ...
CVE-2019-13582
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution.
CVE-2019-6659
PUBLISHED: 2019-11-15
On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.
CVE-2019-6660
PUBLISHED: 2019-11-15
On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service.
CVE-2019-6661
PUBLISHED: 2019-11-15
When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources.