Friday, 12 April 2013

Cambridge - A Few Interesting Facts

Front of the college Peterhouse on Trumpington Street. (Photo credit: Wikipedia)
Cambridge is a world famous city and largely for one reason, its university. The institution does indeed dominate the town’s history and continues to shape its profile today; and as a result the town has had a notable impact on the wider culture and wealth of the country for the last 800 years. The following article provides a handful of interesting facts about the city that you may or may not have known already, and that give an idea of its stature.

The Old University
As mentioned, Cambridge and its university are essentially synonymous - the reason that the city has such a global profile. The university is not only one of the top five in the world but can claim an almost unrivalled heritage being as it is the second oldest in the English speaking world, and the third oldest that is still in existence in entirety - behind only Oxford and Bologna. In fact, the institution owes its very existence to a decamping from Oxford in the first place following disputes there between the scholars and the locals. This first group of incoming scholars can be dated back to 1209 although the university didn't receive its royal charter until 1231. The first of its colleges that we still know today can even be traced back to the 13th century with the founding of Peterhouse college by the Bishop of Ely in 1284.

Scientific Soccer
The modern game of football may have been given its moniker by the other university in Oxford but Cambridge can be considered to have been instrumental in its development. Arguably the first ever game of what we would recognise as football or soccer was played in the centre of the city on Parker’s Piece - a park still popular with locals and students alike. The game in 1848 was the first to use the Cambridge Rules which went on to be a prime influence behind the first ever set of standardised association football rules 15 years later. What’s more, many of the fundamental tactics that shape the way the game is played to this day can be attributed to the university’s team. The Combination Game, as it came to be known, promoted the idea of each player having a position on the pitch, and therefore a role in the team, as well as reliance on the passing of the ball in place of dribbling and charging. These revolutionary changes are taken for granted now but were labelled ‘scientific’ in the 19th century and many have credited their development to the Cambridge University side of 1882.

Granting of City Status
Cambridge had been granted a town charter as far back as the 12th century; however, due in part perhaps to a number of episodes - like the one in which it found itself on the wrong side of the Peasants’ Revolt in the 14th century, leading in turn to a revised charter and more control placed in the hands of the university - as well as the lack of a cathedral, it took until the mid 20th century to gain city status. To the surprise of many who assume that Cambridge is a typical cathedral city, it still doesn't have a cathedral and instead falls within the diocese of Ely.

Grant being the Operative Word
It may be well known that the town’s name can be ascribed to its position at the bridge over the famous River Cam - the iconic scene of punting students on a sunny afternoon - but what is perhaps not so well known is that the river actually owes its current name to the town and not vice versa. The Anglo-Saxon name for the river was Granta and the name for the town therefore was Grantabrycge, meaning Bridge over the River Granta. Indeed the Anglo-Saxon abbreviation for the town, as seen on coins minted there, used to be Grant. However, this name has been subsequently corrupted down the centuries to arrive at the modern ‘Cambridge’, whilst the river has since borrowed the ‘Cam’ back. The name Granta is still used to refer to the river in some contexts, including a couple of its tributaries, and traces can be seen in modern place-names such as Grantchester - a village on Cambridge’s outskirts (which is allegedly home to the highest concentration of Nobel Prize winners in the world).

Security Challenges Faced by Cloud Hosting - Handling Data

The final part of this article looks at how and where data is stored or handled and the issues that arise in cloud computing through the process of creating multiple instances of data across multiple server platforms. Cloud computing relies on this mechanism for many of its key benefits but, by doing so, invites further challenges for data security.

Data Protection
Data collection and storage is usually bound by legislation or regulation which varies depending on the jurisdiction under which a service falls. Most prominent regulations, however (e.g., those in the US and Europe) share certain principles in common that demand, for example, that data is collected with the subject’s permission, with their full understanding of what the data will be used for, only if the data is relevant to the stated purpose, only for that stated purpose, with transparency and with accountability. For the subject of the data this should mean that they consent to the service provider collecting data relating to them, they know what data that is, who has access to it and why, as well as how to access it themselves if they want to.

It is therefore paramount for IT service providers, who have stewardship of any data, that they are able to identify where data is stored within those services that they provide, how to access it and whether it is secure. However, the abstraction of cloud services in particular can cause challenges for those who utilise them to store or process data because they cannot necessarily guarantee where this data is at any given time. The physical location and guardianship can be obscured, with data hosting sometimes crossing different sites, geographical boundaries and even jurisdictions.

In such cases where private information is involved, the answer often lies with private clouds employing on-site hosting as mentioned in earlier parts of this article, but there is often a trade off with some of the other benefits of cloud which are discussed below.

Multiple Data Instances
Two of cloud computing’s biggest selling points are redundancy and scalability. These are often achieved by utilising multiple servers to provide the underlying computing resource, so that the data within a cloud service is ultimately stored across these numerous servers. Moreover, cloud structures will also create multiple instances of data across these servers to provide a further layer of redundancy protection. However, the more servers that data is shared across, the greater the risk that this data may be susceptible to security vulnerabilities on one of those servers (e.g., malware, hacks); whilst the more instances there are of a piece of data, the greater the risk (by definition) that that data may be accessed and used by unauthorised users. Essentially, data in one place needs to be protected once; data stored in 100 places will need to be protected 100 times.

What’s more, as each server and platform is likely to be shared, particularly in the public cloud model, each data instance may be subject to another security threat introduced, inadvertently or otherwise, by the 3rd party users who share the resources. In a private cloud, however, this threat is reduced as the cloud resource exists behind the one organisation's firewall and fewer instances of the data are created in the first place (fewer servers to pool). Consequently there is always a degree of trade off between introducing security risk and the level of redundancy and scalability built into a system (although of course redundancy can prevent data loss in itself). Private clouds may be more secure but with a smaller pool of resource they cannot match the levels of redundancy and scalability offered by the vast capacities of public clouds.

Tuesday, 9 April 2013

Security Challenges Faced by Cloud Hosting - Building in Security

English: This image describes a technology architecture about Private Cloud. (Photo credit: Wikipedia)
As mentioned in part one of this article there are multiple stages at which information stored through cloud hosting platforms must be protected against data loss and unauthorised access. The first step is to secure the physical elements of a cloud hosting platform as described, however, the additional steps involve architectural and software based security measures to protect not only the platforms on which the data is stored, but also the data in transit and the subsequent points of access that allow valid users to interact with the data.

Public Cloud Models
Cloud offerings, including cloud hosting, can be broadly categorised, in terms of the way they are deployed (regardless of whether they are Infrastructure, Platform or Software as a Service), as either being Public Cloud, Private Cloud or Hybrid Cloud (a combination of the two). Much of the distinction between public and private clouds revolves around levels of security and privacy rather than technical specifications. As the name suggests, public clouds use points of access which are accessible on public networks (e.g., the internet), public networks to transfer information and shared clustered cloud servers to store information. Essentially anyone can ‘knock on the door’ of the cloud service, attempt to intercept its information in transit and potentially share its server resources. The services should, of course, be protected by end point authentication, data encryption and anti-virus/firewall measures on the server platform to keep data secure, but they are exposed to ‘attack’ at almost every point in their architecture. It is therefore important that consumers of such services are aware of what risks each service carries and what the provider puts in place to safeguard their customers’ data.

Private Cloud
For organisations dealing with highly sensitive data, however, they may demand more restrictions on who can attempt to access the cloud service, the networks it utilises and the sharing of cloud servers. In particular, some organisations will be governed by regulation which demands that they retain control of data for which they are ultimately responsible.

Private clouds may employ differing architectures, but they are defined by providing the aforementioned security measures. Servers can be located on an organisation’s own premises or within a data centre facility but they will be ringfenced for the use of that sole client; whether it be with physical hardware separation or virtualised separation between server clusters, an organisation’s cloud platform will be behind their own firewall. What’s more, to protect data in transit, and to prevent untrusted users from accessing the cloud, private clouds can again use either physical or virtualised separation from public shared networks. For example, an organisation can utilise local area network (LAN) connections to access a cloud which is hosted on internal on-site servers or a physically distinct leased line when connecting to servers in a remote location. Alternatively, technologies such as MPLS (Multiprotocol Label Switching) can be used to provide organisations with trusted network connections, controlled by individual providers, across public network infrastructure. The latter can provide more flexibility and allow the organisation to benefit to a greater extent from the scalability that cloud hosting providers can provide.

Hybrid Cloud
A hybrid cloud combines elements of public and private clouds and so can provide the security that organizations require for their sensitive and private data whilst allowing them to access cost efficient scalability in the public cloud for their non-sensitive operations. For example, an organization may store all of their protected client data in systems and databases hosted on site in a private cloud as required by regulation but pull computing resource from a public cloud for their brochureware website’s hosting platform.

Data Centre Expertise
The previous part of this article mentioned the benefits of a data center location in terms of the physical maintenance of servers preventing data loss. Similarly it is worth noting that both public clouds and private clouds which utilise a third party data center location for their server hosting (whilst introducing vulnerabilities in data transfer) can benefit from on-site expertise in the maintenance of software and anti-virus measures, including for example patching, to optimise both the preservation and security of data.

Security Challenges Faced by Cloud Hosting - Physical Security

Data Center (Photo credit: bandarji)
The following two posts explore the topic of cloud hosting and the challenges it faces in providing secure data environments for enterprise consumers. In addition, it discusses the measures taken to combat these challenges, whether they be physical risks to hosting platforms or cybercrime.

The Need for Secure Data
The concept of security in all aspects of computing can be said to fall into two areas, the preservation of data and the control of data. The first of these concerns is the ability to ensure that data is not lost or corrupted, whether it be sensitive (i.e., private) or not. Data preservation may be essential for the effective operations of a business, for example, to be able to contact suppliers/clients or monitor and analyse business performance (business intelligence). In many cases firms are required to preserve data for periods of time by regulatory bodies in order to provide audit trails on their activities and where data is deemed personal, sensitive or private in relation to customers, suppliers or employees, firms will also be required by data protection laws to maintain that data.

The second issue pertains to the risk of sensitive data being seen by those who should not have access to it. Again data protection laws govern firms when it comes to only obtaining personal data with an individual’s permission and then ensuring that they control who has access, restricting unwarranted access. In addition however, firms will invariably want to keep their own business operations private as well to prevent competitors gaining an advantage on them.

All IT infrastructure needs to confront these security issues whether it be personal or enterprise level computing and this has been a particular challenge for cloud computing in general, including cloud based hosting.

The Vulnerabilities
Cloud computing services ultimately require networks of physical servers to create the pool of computing resource from which clients can access their computing as a service, which means that all cloud resources always have some form of physical location. In addition, cloud services rely on a point at which the end users can access them, often publicly available on the internet as well as of course a public network such as the internet to transfer the data used by the service. These three elements to a typical public cloud service each have their own vulnerabilities in terms of the protection and preservation of data.

Physical Security
In terms of the physical infrastructure used to build a cloud service, many of the security challenges are the same as those faced by any other hosting platform. To keep data secure, providers first need to keep the infrastructure secure and running, and the data centres where cloud servers are housed take great measures to these ends. In terms of access, they ensure that the facilities themselves are secured against unauthorised personnel by using tools such as biometrics, security cameras, guards and limited access to individual server suites. This not only controls the risk of intentional sabotage or physical hacks but also the risk of accidental damage caused by one engineer affecting another organisation’s servers, for example.

Furthermore, servers and network infrastructures are protected against physical damage using advanced fire protection systems and environmental controls such as temperature management. Controlling the temperature inside data centres is one of the primary expenses of a data centre provider due to the vast amount of heat generated by working servers. The aim of the exercise is to ensure that servers can run at their optimal temperatures but if left unchecked the damage caused could take cloud servers offline completely. Data centres employ techniques such as chiller units, ventilation and water cooling to keep temperature regulated and servers running smoothly.

Cloud servers and their networks also benefit from the general expertise of data centre providers to keep the hardware maintained and up to date, ensuring that the chances of other hardware failures are reduced. As with alternative hosting solutions which locate servers in data centres, such as colocation, dedicated hosting and VPS (virtual private servers), this expertise may be accessed at a fraction of the cost it would take for a business to deploy in-house.

However, these physical security measures are only the first step. The second part of this post explores the efforts taken to keep cloud hosting software operating smoothly and prevent data from falling into the wrong hands.