Not so surprising, the state elders of cryptography had a few things to say about the security of cloud computing — but with little agreement.
Whitfield Diffie, chief security officer at Sun Microsystems, kicked off the cloud security discussion, stating that while securing the cloud computing model will have its challenges, they’ll be overcome in due time, and that ultimately cloud computing will become as pervasive as, well, clouds. “Cloud computing will come to where no real program and data will be ran on the computers of the company that is using the program,” he says.
MIT computer science professor Ronald Rivest is another who believes that the security challenges surrounding cloud computing will be soon met. While “a lot of us [in security] have hard work to do, I’m optimistic about [the future] of cloud computing,” Rivest says.
That’s where the optimistic outlook ended. Adi Shamir sees risk in compute consolidation. “A virus or a worm, today, is an annoyance that can have an impact on 10 to 20 percent of computing systems,” he said. “But we are moving to a situation where a very small number of data centers will be handling data for a very large number of companies. That’s a real danger. Hackers can take down one of those data centers, and can have disastrous effect on our lives,” he says.
Bruce Schneier, chief security technology officer at BT Counterpane, sees cloud computing – from a security and risk perspective – to not be much different than securing today’s systems . “Fundamentally, a few details might change, such as where the vulnerabilities are, and who patches the systems, but I don’t see a lot of differences between cloud computing and client server,” says Schneier.
“In fact,” Schneier adds, “I’m kind of bored with it.”