Page 173 - How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind

DANGERS ABOUND: SECURITY IN THE CLOUD



protect their Web site as they do with traditional hosting solutions, so it is no easier for potential abusers to compromise Amazon EC2 based Web sites. . . . We were able to locate the Zeus botnet controller and promptly shut it down. We take all claims of misuse of the services very seriously and investigate each one. When we find misuse, we take action quickly and shut it down.”

All of this is to Amazon Web Services’ credit, but it also makes clear that it’s impossible to keep all malware out of the cloud. Variants of the Zeus botnet are believed to have been responsible for the theft of $100 million from bank accounts in 2009. The Cloud Security Alliance, in a white paper released last April, says, “Hosts running within an infrastructure-as-a-service are akin to hosts running in the DMZ of your enterprise’s network.” Cloud service providers would say that that’s too harsh, but for now, it’s a good warning.

The most disquieting concerns about computing on infrastructure as a service are the things that we lack years of solid experience in dealing with—multiple virtual machine servers running on one physical piece of hardware is a relatively recent phenomenon in the data center. As noted in Chapter 3, the ability to manage servers flexibly in this manner leads to many of the basic ideas of cloud computing. But there remain troubling questions.

When an intruder gets onto a server, intrusion detection systems know where to watch for activity and have well-defined patterns of software event sequences that tell them that something is amiss. But the operation of the virtual machine, an application with its own operating system, is a different realm of


