What is Cloud Computing?
The cloud is a virtualization of resources that maintains and manages itself
Cloud computing is becoming one of the next industry buzz words. It joins the ranks of terms including: grid computing, utility computing, virtualization, clustering, etc.
Cloud computing overlaps some of the concepts of distributed, grid and utility computing, however it does have its own meaning if contextually used correctly. The conceptual overlap is partly due to technology changes, usages and implementations over the years.
Trends in usage of the terms from Google searches shows Cloud Computing is a relatively new term introduced in the past year. There has also been a decline in general interest of Grid, Utility and Distributed computing.
Cloud computing overlaps some of the concepts of distributed, grid and utility computing, however it does have its own meaning if contextually used correctly. The conceptual overlap is partly due to technology changes, usages and implementations over the years.
Trends in usage of the terms from Google searches shows Cloud Computing is a relatively new term introduced in the past year. There has also been a decline in general interest of Grid, Utility and Distributed computing.
Likely they will be around in usage for quit a while to come. But Cloud computing has become the new buzz word driven largely by marketing and service offerings from big corporate players like Google, IBM and Amazon.
The term cloud computing probably comes from (at least partly) the use of a cloud image to represent the Internet or some large networked environment. We don’t care much what’s in the cloud or what goes on there except that we depend on reliably sending data to and receiving data from it. Cloud computing is now associated with a higher level abstraction of the cloud. Instead of there being data pipes, routers and servers, there are now services. The underlying hardware and software of networking is of course still there but there are now higher level service capabilities available used to build applications. Behind the services are data and compute resources. A user of the service doesn’t necessarily care about how it is implemented, what technologies are used or how it’s managed. Only that there is access to it and has a level of reliability necessary to meet the application requirements.
In essence this is distributed computing. An application is built using the resource from multiple services potentially from multiple locations. At this point, typically you still need to know the endpoint to access the services rather than having the cloud provide you available resources. This is also know as Software as a Service. Behind the service interface is usually a grid of computers to provide the resources. The grid is typically hosted by one company and consists of a homogeneous environment of hardware and software making it easier to support and maintain. (note: my definition of a grid is different from the wikipedia definition, but homogeneous environments in data centers is typically what I have run across). Once you start paying for the services and the resources utilized, well that’s utility computing.
Cloud computing really is accessing resources and services needed to perform functions with dynamically changing needs. An application or service developer requests access from the cloud rather than a specific endpoint or named resource. What goes on in the cloud manages multiple infrastructures across multiple organizations and consists of one or more frameworks overlaid on top of the infrastructures tying them together. Frameworks provide mechanisms for:
- self-healing
- self monitoring
- resource registration and discovery
- service level agreement definitions
- automatic reconfiguration
Nasdaq Hackers Target Service for Corporate Boards
Nasdaq's Directors Desk service, which helps companies share documents with directors between board meetings, was targeted by hackers who broke into the service repeatedly over more than a year. Investigators are trying to identify the hackers, but the motive is unknown. Experts say such web-accessible services are a prime target for hackers.Hackers broke into a Nasdaq service that handles confidential communications for some 300 corporations, the company said Saturday -- the latest vulnerability exposed in the computer systems Wall Street depends on. The intrusions did not affect Nasdaq's stock trading systems and no customer data was compromised, Nasdaq OMX Group Inc. said. Nasdaq is the largest electronic securities trading market in the U.S., with more than 2,800 listed companies.
A federal official told The Associated Press that the hackers broke into the service repeatedly over more than a year. Investigators are trying to identify the hackers, the official said. The motive is unknown. The official spoke on condition of anonymity because the inquiry by the FBI and Secret Service is continuing.
The targeted service, Directors Desk, helps companies share documents with directors between scheduled board meetings. It also allows online discussions and Web conferencing within a board. Since board directors have
to information at the highest level of a company, penetrating the service could be of great value for insider trading. Nasdaq OMX spokesman Frank DeMaria said the Justice Department had requested that the company keep silent about the intrusion until at least Feb. 14. However, The Wall Street Journal reported the investigation on its Web site late Friday, prompting Nasdaq to issue a statement and notify its customers.
DeMaria said Nasdaq OMX detected "suspicious files" during a regular security scan on U.S. servers unrelated to its trading systems and determined that Directors Desk was potentially affected. It pulled in forensic firms and federal law enforcement for an investigation. They found no evidence that customer information was accessed by hackers.
Rich Mogull, an analyst and CEO with the security research firm Securosis, said Web-accessible services like Directors Desk are a prime target for hackers, and have sometimes been a back door for systems that aren't directly connected to the Web. The presence of files on the Directors Desk system and the claim that no customer information was compromised could indicate that hackers were able to get in but not complete their attack, he said.
Computer security experts have long warned that many companies aren't doing enough to protect sensitive data, and recent events have underlined the point. The secret-spilling organization WikiLeaks has published confidential documents from banks in Switzerland and Iceland and claims to have incriminating documents from a major U.S. bank, possibly Bank of America.
In 1999, hackers infiltrated the Web sites of Nasdaq and the American Stock Exchange leaving taunting messages, but Nasdaq officials said then that there was no evidence the break-ins affected financial data.
Nasdaq OMX CEO Bob Greifeld said in a statement that cyber attacks against corporations and government are constant and the company is vigilant in maintaining security.
"We continue to evaluate and enhance our advanced security controls to respond to the ever increasing global cyber threat and continue to devote extensive resources to further secure our systems," he said.
Some of the Wall Street's technological scares have been unrelated to hackers. In June 2009, a computer glitch knocked out trading in 242 stocks on the New York Stock Exchange for several hours.
More recently, high-speed trading software precipitated a "flash crash" on May 6. One trade worth $4.1 billion touched off a chain of events that ended with 30 stocks listed in the S&P 500 index falling at least 10 percent within five minutes. The drop briefly wiped out $1 trillion in market value as some stocks traded as low as a penny.
Hackers in China Hit Western Oil Companies
A security report by McAfee says that "coordinated, covert and targeted" attacks against Western oil companies were perpetrated by Chinese hackers. McAfee said the hackers worked through servers in the United States and the Netherlands and used techniques including taking advantage of vulnerabilities in the Microsoft Windows operating system.Hackers operating from China stole sensitive information from Western oil companies, a U.S. security firm reported Thursday, adding to complaints about pervasive Internet crime traced to the country. The report by McAfee Inc. did not identify the companies but said the "coordinated, covert and targeted" attacks began in November 2009 and targeted computers of oil and gas companies in the United States, Taiwan, Greece and Kazakhstan. It said the attackers stole information on operations, bidding for oil fields and financing.
"We have identified the tools, techniques, and network activities used in these continuing attacks -- which we have dubbed Night Dragon -- as originating primarily in China," said the report.
Google Inc. closed its China-based search engine last year after complaining of cyberattacks from China against its e-mail service.
Security consultants say China is a leading center for Internet crime including industrial spying aimed at major companies. Consultants say the high skill level of earlier attacks suggests China's military, a leader in cyberwarfare research, or other government agencies might be stealing technology and trade secrets to help state companies.
The Chinese government has denied it is involved.
Officials in the United States, Germany and Britain say hackers linked to China's military have broken into government and defense systems. Attacks on commercial systems receive less attention because companies rarely come forward, possibly for fear it might erode trust in their businesses.
Spokesmen from several American, British and Greek oil companies said they were either unaware of the hacking or that they could not comment on security matters.
McAfee, based in Santa Clara, California, said the hackers worked through servers in the United States and the Netherlands and used techniques including taking advantage of vulnerabilities in the Microsoft Windows operating system.
McAfee said it identified an individual in the eastern Chinese city of Heze in Shandong province who provided servers that hosted an application that controlled computers at the victim companies. The report did not identify the person and said he was not believed to be the scheme's mastermind.
McAfee said extraction of information occurred from 9 a.m. to 5 p.m. Beijing time on weekdays. It said that suggested the attackers were "company men" on a regular job, rather than freelance or amateur hackers.
The attackers used hacking tools of Chinese origin that are prevalent on Chinese underground hacking forums, McAfee said.
Google announced last January that cyberattacks from China hit it and at least 20 other companies. Google says it has "conclusive evidence" the attacks came from China but declined to say whether the government was involved.
Google cited those attacks and attempts to snoop on dissidents in announcing it wanted to stop censoring search results in China, which the communist government requires. The company closed its China-based search engine last March.
In 2009, a Canadian research group said a China-based ring stole information from thousands of hard drives worldwide. The Information Warfare Monitor said attackers broke into government and private organizations in 103 countries, including the computers of the Dalai Lama and his exiled Tibetan government.
There are no estimates of losses attributable to hacking traced to China, but McAfee has said previously that intellectual property worth an estimated $1 trillion was stolen worldwide through the Internet in 2008.
Training Future 'Cyberwarriors' Is School's Objective
Teaching, arming and training a generation of professionals to protect our nation's cyberassets is the goal of a Cyber Security course series offered by a Maryland college. It's a new field of study with the potential to fill a hole in the market, as there is enormous demand for such specialists at the moment -- and it's likely to rise even further.In two years' time the first "army of cyber warriors" is due to be trained and ready to enter the war against Internet terrorists, hackers and data thieves.
Militaristic language like that is frequently used at the University of Maryland University College (UMUC) when referring to its Cyber Security course. Protecting the Internet has become a matter of national security in the US.
UMUC began offering a bachelors degree and two masters programs in Internet security last autumn. It's a new field of study with the potential to fill a hole in the market. Within a short period hundreds of people expressed an interest in taking up the course.
There is enormous demand for such specialists at the moment and it's likely to rise even further. Whether it's administration, government bodies or the private economy, there are networks and systems everywhere that need to be protected, data secured and digital intruders stopped in their tracks.
"Cyber security is a very serious issue. Our aim is to train or teach a generation of professionals how to protect our cyber assets," says Alan Carswell who heads up the program at UMUC.
Wireless broadband networks exist everywhere in the US, both in the private and public sectors. Schools, clinics, transport and not least business and government would not be possible without a constantly functioning computer network. Cyber security affects countless areas from the search for friends in social networks such as Facebook to the financial markets on Wall Street.
Attacks on those systems can have catastrophic consequences, according to Carswell. They range from simple data theft to life-threatening situations such as the manipulation of air traffic control that could kill hundreds of people.
Cyber security has been viewed as a national challenge for a long time in the US. In May 2009, shortly after taking office, President Barack Obama declared that "America's economic prosperity in the 21st century will depend on cyber security," and he also nominated a coordinator for Cyber security. The popular Spy Museum in Washington has even dedicated one of its exhibition spaces to Internet security.
John Michael McConnell, the former director of the US National Security Agency -- and therefore a former "top spy" -- has warned against what he described as a "Cyber Pearl Harbor" -- an attack that could be as dramatic as the Japanese one on the US naval base in Hawaii in 1941 but this time in digital form.
Hacker attacks on countries and Internet-based terrorism have firmly established themselves as part of the real world. The US has set up an organization, the Cyber Command, to defend military networks against attack. Carswell says there is currently a shortage of qualified experts, but he promises that "we will fill that hole."
It's no surprise then that other universities have decided to react and across the US similar education programs are springing up. The names of the programs may differ but usually they all focus on the same theme of cyber security.
University life for the over 500 part-time students who are studying cyber security at UMUC, however, is quite different from what you might expect. Lectures take place via video, says UMUC press spokesman Chip Cassano. The course modules are available 24 hours a day, seven days a week and there are Internet platforms where students can discuss their studies online.
It seems appropriate that the cyber security course can also be completed exclusively online.
Langganan:
Postingan (Atom)
