Twitter Feed
The Endpoint Imperative: Global Security Compliance. Are you ready?
China has its Cybersecurity Law. Next May, the General Data Protection Regulation – or GDPR –goes into effect for the European Union. Research shows most organizations just aren’t…
The Endpoint Imperative: IT Spending: Setting Priorities in a Volatile World
Fast-evolving trends are changing the way IT thinks about security. To stay secure and productive, IT operations must excel at the fundamentals: PC refreshes for security, and optimizing end-user…
Top 1000 Tech Bloggers
The Rise “Top 1000 Tech Bloggers” leaderboard recognizes the most inspiring Tech journalists and bloggers active on social media. They use Klout scores (50%) and the blogger’s twitter conversations on…
IBM – The Power of Cloud Brokerage
Hybrid cloud adoption is now mainstream and you are making decisions every day about how to transform application and infrastructure architectures, service delivery, DevOps, production operations and governance. With Cloud…
More SMB Love Needed
In a recent post, titled “10 Surprising Facts About Cloud Computing and What It Really Is”, Zac Johnson highlighted some interesting facts about cloud computing in the SMB…
ATMs Are IT Too!
That world of homogenous IT technology managed entirely by the internal IT organization has long disappeared. Operations today require efficient and global management of technologically heterogeneous environments. The challenges and…
Digital Transformation Asset Management
Today’s businesses run in the virtual world. From virtual machines to chatbots to Bitcoin, physical has become last century’s modus operandi. Dealing with this type of change in business even…
The Game of Clouds 2017
The AWS Marketplace is growing at breakneck speed, with 40% more listings than last year! This and more insights were revealed when CloudEndure used their custom tool to quickly scan the…
Managing Your Hybrid Cloud
Photo credit: Shutterstock Runaway cloud computing cost may be causing an information technology industry crisis. Expanding requirements, extended transition schedules and misleading marketplace hype have made “Transformation” a dirty word. …
American Airlines Adopts Public Cloud Computing
Did you know that the reservations systems of the biggest carriers mostly run on a specialized IBM operating system known as Transaction Processing Facility (TPF). Designed by IBM in the…
From Sam Johnston’s Taxonomy post
- Clients (examples) are computer hardware and/or computer software which rely on The Cloud for application delivery, or which is specifically designed for delivery of cloud services, and which are in either case essentially useless without it.
- Services (examples) (aka Web Service) are “software system[s] designed to support interoperable machine-to-machine interaction over a network“[36] which may be accessed by other cloud computing components, software (eg Software plus services) or end users directly.
- Application (examples) leverages The Cloud in software architecture, often eliminating the need to install and run the application on the customer’s own computer, thus alleviating the burden of software maintenance, ongoing operation, and support.
- Platform (examples) (aka Platform as a service) (the delivery of a computing platform and/or solution stack as a service) facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers
- Storage (examples) is the delivery of data storage as a service (including database-like services), often billed on a utility computing basis (eg per gigabyte per month)
- Infrastructure (examples) (aka Infrastructure as a service) is the delivery of computer infrastructure (typically a platform virtualization environment) as a service
2 Comments
Cloud Computing
- CPUcoin Expands CPU/GPU Power Sharing with Cudo Ventures Enterprise Network Partnership
- CPUcoin Expands CPU/GPU Power Sharing with Cudo Ventures Enterprise Network Partnership
- Route1 Announces Q2 2019 Financial Results
- CPUcoin Expands CPU/GPU Power Sharing with Cudo Ventures Enterprise Network Partnership
- ChannelAdvisor to Present at the D.A. Davidson 18th Annual Technology Conference
Cybersecurity
- Route1 Announces Q2 2019 Financial Results
- FIRST US BANCSHARES, INC. DECLARES CASH DIVIDEND
- Business Continuity Management Planning Solution Market is Expected to Grow ~ US$ 1.6 Bn by the end of 2029 - PMR
- Atos delivers Quantum-Learning-as-a-Service to Xofia to enable artificial intelligence solutions
- New Ares IoT Botnet discovered on Android OS based Set-Top Boxes
You don’t mention where security fits in this stack. I know security is important at every level and it is there at every level now, but really there should be a single source of secure control of access to resources.
That’s something big we need to work out. How can I have one account, the account I use to log into my cloud application and I can use that application with any other layer of stack or in combination with them without having to know that amazon requires these credentials and nirvanix requires another set.
The end user shouldn’t care about these things, it should be handled at the platform level, but from my perspective there is no robust security model for the cloud, not yet.
Any ideas what we might see fill this gap?
Actually security is something that I do think about as a CISSP, but having looked at the various solutions it was clear that they permiated every layer of the stack. The resources themselves are secured by various mechanisms (AWS request signing for example) and from the user point of view you have OpenID and OAuth at the services layer. Even on the clients we don’t want cloud apps interfering with each other and you can see that browsers like chrome go to great lengths to prevent this.
So yes it’s a valid point, but not one that wasn’t well considered.
Cheers,
Sam