satis egitimisatis

Clear Thoughts on Cloudy Subjects

Musings about the Xen Project, Clouds, virtualization, Open Source, and everything else that piques my technical interest.

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that has been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Login
Posted by on in Cloud Best Practices
  • Font size: Larger Smaller
  • Hits: 13154
  • Print
  • Report this post

Cloud Security: The 800lb Red Herring in the Room

I have been working with Clouds since before the coining of the term itself (back then, the startup I was working for called it "Agile Infrastructure"; now it's known as "IaaS"). From the very beginning, a frequent blocker to adoption has been the question of security. "We can't go to the Cloud because it is simply not secure," goes the complaint.

Well, I'm here to say it's bunk -- pure bunk. There is NO new security problem in the Cloud.

There is, in fact, a security problem in external Clouds -- but it is already in your data center right now.

If you take a truly secure system and place it in an external or hybrid cloud, it will remain secure. Simply exposing a secure system to a larger number of potentially hostile assailants is not enough to make it vulnerable. No, a truly secure system is designed to remain that way even during escalating pressure.

The problem is that very few of our current systems are truly secure. They rely heavily on the notion that threats are few behind the corporate firewall, so they don't need to have air-tight security. That concept is -- and always was -- a mistake. And now that conditions are changing in the Cloud, the inappropriate assumption is causing major headaches. The leaks in the boat are becoming apparent now that it is finally in the water.

News Flash: Security Through Obscurity is Dead

Many security issues have been supposedly solved by “Security Through Obscurity.” Keeping the system in question from the prying eyes of evildoers has been the great fallback policy in the IT industry for decades.  

Unfortunately, this policy is like the child who sticks his head under the covers to escape the boogie man.  It may work well enough for escaping the illusive monsters of youth, but when the real threat appears, it is simply the wrong solution.

Let's Be Honest About the Problem

So you may have a security problem as you go to the Cloud, but it is not a Cloud security problem. It's the same problem which has been around for years – but now you are actually going to solve it.

So how do you proceed? A good first step is to assemble a list of potential attack scenarios. Are you worried that dangerous individuals will attack your database machine through the attack surface of the network interface driver? Write it down. Are you concerned that your Java application server may be assaulted through weaknesses in the API? Write it down. For each scenario, record the target, the attack surface, and the possible results of a successful attack.

The Cloud Can Actually Increase the Possible Solutions

As the attacks on any system are frequently complex, the solutions are often likewise complex. The solutions may encompass the operating system, the hardware drivers, the application code, and more. But while those aspects are normal for a non-Cloud system, there are additional factors in the Cloud, notably the hypervisor and the Cloud orchestrator.

This may sound overwhelming, but don't fear -- the biggest secret of Cloud security is that these additional security capabilities of the hypervisor and the Cloud orchestrator can actually increase the overall security of your data. Before you deploy a Cloud solution, you need to assess the security aspects of the Cloud orchestrator, tools, and hypervisor involved in that solution.

In a recent talk at the Linux Foundation's CloudOpen North America conference, I outlined some of the lessor known security aspects of the Xen Hypervisor. Using some of the security aspects of Xen, it is possible to make a VM more secure than it would be running on bare metal by combining techniques like disaggregation and Xen Security Modules to do things that you cannot easily accomplish otherwise.


So don't fret. Security in the Cloud may not be your problem, as it might be your solution. You just need to get your head out from under the bed covers and face the real boogie men in the room.


Rate this blog entry:
Russ is the evangelist for the Xen Project. An Open Source advocate since 1995, he has been around the Open Source world as a columnist, Internet radio personality, book author, and blogger. He has spoken at over 50 Open Source events and continues to look for conferences to speak about Open Source in general, and Xen in particular (if you have an event in mind, contact him). He first began working with Cloud technologies in 2004. He also has over 20 years experience of software consulting.
  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest Saturday, 19 July 2014


Citrix supports the open source community via developer support and evangeslism. We have a number of developers and evangelists that participate actively in the open source community in Apache Cloudstack, OpenDaylight, Xen Project and XenServer. We also conduct educational activities via the Build A Cloud events held all over the world.