The Cloud – opportunities and limitations
Publish date: 2012-02-27
Report number: FOI-R--3381--SE
Pages: 19
Written in: Swedish
Keywords:
- Cloud computing
- cloud storage
- web services
- SaaS
- IaaS
- PaaS
- on-demand
- virtualisation
- virtual machine
- VM
- security
- isolation
- cryptography
- object-based security
- trusted platform
Abstract
The cloud has in recent years become a very popular concept. In the past, the so-called grid was the dominant form of distributed computing, but the cloud has increasingly taken over with its unique on-demand business model. For the provider, this means that resources can be utilized more efficiently through virtualization. Parallels can be drawn to the use of mainframe computers, where clients rent time, but the cloud is more flexible and has a more diverse customer base. Many major computer companies now offer cloud-based services that are powerful and highly accessible. The precise definition of the cloud varies in the literature, and this report tries to shed light on this. The report also explores the possibilities that the cloud provides. Customers can focus on their business and do not have to invest in expensive infrastructure, whereas the cloud service provider can leverage its size and use security mechanisms that would not otherwise be cost-effective. At the same time, there are risks with the cloud. The new business model means that traditional laws and regulations are in some cases less well suited, and sharing resources with other clients can be risky. Auditing and certification by third parties are vital for the customer to be able to trust the cloud provider. The Internet's global nature further complicates matters, and in combination with virtualization, it is difficult to link the data to a physical storage location. Availability is an important issue, as disruptions can be very expensive and backing up a distributed infrastructure is complex. Switching clouds often takes time since interoperability is normally missing. In addition, the technical security aspects must be taken into account. The classic perimeter model is not as useful anymore, and the customer needs to ensure that the cloud owner will arrange adequate protection. In this case, a so-called trusted platform can certify that a configuration is correct, and encryption can provide protection against data leakage. Particularly interesting is the new form of encryption that allows calculations without decryption, but so far the method is too slow. Isolation between customers is central, and more research on virtual machines is therefore required.