System News
Updates on Three Cloud Computing Security Projects from Sun's CommunityOne
Distinguished Engineer Glenn Brunette Blogs on Recent Developments
June 10, 2009
Volume 136, Issue 2

New developments in Cloud Computing security
 

Sun Distinguished Engineer Glenn Brunette addresses developments in three Cloud Computing security projects he has been associated with in a recent blog entitled "Cloud Security from Sun's CommunityOne."

Security Hardened Virtual Machine Images

Security Hardened Virtual Machine Images is the first project Brunette takes up. He writes that Sun and the Center for Internet Security have been working together for over six years to promote enterprise-class security best practices for the Solaris OS. Building upon their latest success, the Solaris 10 Security Benchmark, they have adapted its security guidance to the OpenSolaris platform and have announced the availability of a virtual machine image pre-configured with these settings. He notes that Sun is the first commercial vendor to publish and make freely available a hardened virtual machine image secured using industry-accepted best practices. Images will be made available for both Amazon EC2 and Sun Cloud, he adds.

Further details can be found in the following announcements: Hardened OpenSolaris 2008.11 on Amazon EC2 Released and Hardened OpenSolaris 2008.11 Now Available in Europe.

Cloud Safety Box

Next, Brunette comments on the Cloud Safety Box, which he describes as a utility that simplifies the process of encrypting files and storing them in the Cloud (as well as decrypting them after they have been retrieved).

He notes that the tools leverage strong, industry-standard encryption (AES 256-bit) but are configurable to accommodate other algorithms and key sizes. The tools can also leverage the cryptographic acceleration capabilities of systems configured with Sun's UltraSPARC T2 (Niagara 2) processor, enabling a ~7x speed improvement over software encryption. In addition, the tools support multiple client platforms and multiple cloud providers, including Sun Cloud and Amazon S3.

Encrypted ZFS Backups

Brunette also blogs about Saving Encrypted ZFS Snapshots to the Cloud, noting that this utility, integrated with the OpenSolaris ZFS automatic snapshot service, automatically encrypts the content before storing it into the Cloud. In this manner, he continues, backup data is always stored in an encrypted form in the Cloud, and the decryption keys never leave your organization. Recovery is therefore as easy as downloading and decrypting the snapshots (using the Cloud Safety Box tool, for example) and reverting to those snapshots using standard ZFS methods.

Like the Cloud Safety Box, the Encrypted ZFS Backup tool leverages strong, industry-standard encryption (AES 256-bit) but is configurable to accommodate other algorithms and key sizes, Brunette points out. The tool can leverage the cryptographic acceleration capabilities of systems configured with Sun's UltraSPARC T2 (Niagara 2) processor, enabling a ~7x speed improvement over software encryption. The tool also supports multiple cloud providers today, including Sun Cloud and Amazon S3.

A brief video, which includes comments from Lew Tucker's keynote on Cloud Computing, highlights each of these projects. Brunette also includes snapshots from Sun's Cloud demonstration pods at CommunityOne West and JavaOne that provide additional information.

More Information

Crypto Front End to S3 CLIs

Sun OpenSolaris AMI Hardening Wiki

Encrypted ZFS Backups Project Page
