Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

Another reason I don't like the 'cloud' idea

From: David Farber <dave () farber net>
Date: Sat, 5 Sep 2009 09:11:36 -0400


Begin forwarded message:

From: "Ed Gerck, Ph.D." <egerck () nma com>
Date: April 17, 2009 12:05:47 PM EDT
To: dave () farber net
Cc: ip <ip () v2 listbox com>
Subject: Re: [IP] Re: Another reason I don't like the 'cloud' idea

Dave and IP'ers:
Cloud-computing (aka SaaS) customers are, as the bottom line, outsourcing risk into a situation that they cannot control.
For example, even if the customer areas are encrypted, the keys to decrypt the customer areas are potentially available not only to anyone compromising the server but also to the organizations and people regularly involved in running and maintaining the server. Further, compromise in one area of an SaaS system may compromise data of more than one customer. The importance of this vulnerability was highlighted in Q3/2007 by a phishing and spoofing attack reportedly targeting salesforce.com (a well-known cloud computing provider) customers' data in Salesforce's servers. 

  In one case, a phishing email purporting to be from the U.S. Federal
  Trade Commission was sent to a salesforce.com customer. The email
  contained business information about a company's client, that the
  public at large would not know, which was available in the
  customer's area at the salesforce.com servers. The email asked for
  more information about the customer's client. In other cases,
  customers received bogus emails that looked like salesforce.com
  invoices, with virus and key-logging software that could completely
  compromise the recipient's security and privacy -- including
  passwords typed by the user
With cloud computing as it is done today, the customers' data become attack targets, with mounting risks as the number of customers increase in the multi-tenant architecture where servers hold an "egg nest" with data belonging to many different customers.
Solutions exist, to different degrees. One solution, which I helped develop and is coming to market after years of testing, can prevent data theft even if the attackers physically remove all servers and devices providing the cloud computing service. The requirement to withstand a physical removal attack, where the attackers can try to break the protection in their own time and without multiple-attempt blocks, is important not because it may be be carried out physically with high probability but because online "owning" of servers can be as extensive as physically possessing the servers. 

Cheers,
Ed Gerck
ed () gerck com




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: