Over a decade ago, I was researching cluster computing -- tying together a large number of commodity computers to work together on a single, large task using a high-speed network as the interconnect. The environment was fundamentally similar to what we see in cloud-computing data centers today -- large numbers of commodity computers tied together with high-speed networks to provide a service.
At the time, I was wondering what security issues would arise in clusters. Since a cluster of computers was typically dedicated to a single user's task back in the day, it wasn't clear to me what access control and data security would be necessary other than making sure the assigned user was the only one with access to the cluster at a time. As clusters evolved and scheduling arrived to divide clusters into parts to allow multiple jobs to run at a time in clusters, I wasn't involved in cluster computing anymore and didn't see what was happening with respect to security as clusters evolved into grids and clouds.
Today, the security issues are quite visible in what has become cloud computing. Using an outside vendor's infrastructure (cloud) has becoming compelling for a number of reasons - scalability, elasticity, capital cost reductions, and more. Visibility, compliance, jurisdiction, patch management, and other issues have become prominent in such a shared environment.
Looking back, as mainframes grew from single-user, batch processing systems to multiuser, timesharing systems, mainframe operating systems gained controls and visibility to enable secure multiuser operation. Nowadays, groups like the Cloud Security Alliance are driving to improve the security and viability of cloud computing.
No comments:
Post a Comment