[Adopted from my BLOG December 2009]
Lately in the IT community all the hype is on Cloud Computing. We have small
start-ups offering several variations of Cloud services as well as some of
the established big players (Google, Amazon, IBM, Novell (aimed at cloud
service providers),Sun) stepping up their offerings of cloud services.
But what exactly is Cloud Computing? Is it Virtualization? Is it services
that we accessed via a web browser over the years, something totally new, or
is it all of these,but just rebranded?
The term Cloud Computing started gaining traction when Google and IBM
launched a university initiative to address internet scale computing back in
These services has been evolving since the 90s and its previous incarnations
can be said to be Grid and Utility computing and the Software as a Service
offerings we saw around a decade ago.
Cloud Compu... (more)
I've been asked quite a few times, "when will it be a good time to get into
cloud computing?" by potential clients. My answer is typically it depends...
I know, I know.... not much direction there, but really it all depends. Why ?
Well, some may state, "we all know of the much beaten security concerns, and
we will ensure that systems on our end are secured and synced to work in
tandem with the vendors' security."
Can one ensure some degree of monitoring by the implementation of an
Intrusion Detection System (IDS) residing within the system hosting the
gateway into the cloud?
Proponents of the cloud ecosystem touts its "vastness, flexibility and
scalability as advantages for the implementation of cloud services. However,
from a digital point of view this can be a veritable forensic challenge as we
view the cloud in terms of its scope and diversity.
According to Dr. Stephen Wolthusen "Digital forensics (also referred to at
times as computer forensics) encompasses approaches and techniques for
gathering and analyzing traces of human and computer-generated activity in
such a way that it is suitable in a court of law."
A key challenge to a digital inve... (more)
Digital Forensics is not an elephant, it is a process and not just one
process, but a group of tasks and processes in investigation. Examiners now
perform targeted examinations using forensic tools and databases of known
files, selecting specific files and data types for review while ignoring
files of irrelevant type and content. Despite the application of
sophisticated tools, the forensic process still relies on the examiner's
knowledge of the technical aspects of the specimen and understanding of the
case and the law - Mark Pollitt.
As has been established from articles by var... (more)
As mentioned in Part 1 of this article, one of my functions is to research
current and up and coming solutions within the technology realm, particularly
that of distributed computing and cloud computing.
It is a strong possibility that malicious users will eventually identify and
exploit potential flaws within the cloud computing model. CSPs, in their
pursuit to secure market share may have underestimated the possibilities of
attack and misuse of their cloud resources by a malicious user or users.
The likelihood that the creation, storage, processing and distribution of
illicit ... (more)