The first hybrid cloud security capability requirement standard will be released soon
In today's booming digital economy, cloud computing has become the infrastructure for the development of the digital economy. Behind the rapid growth of the market, more and more enterprises began to migrate to the cloud, and cloud computing also derived three service models, namely private cloud, public cloud and hybrid cloud. The hybrid cloud takes into account the advantages of both the flexibility of the public cloud and the security of the private cloud, which is welcomed by industry users and becomes the mainstream model of enterprise cloud.
Although hybrid cloud has many benefits, how to effectively manage multiple cloud platforms or heterogeneous resources, and how to better achieve collaboration and security between cloud networks are still important "roadblocks" for accelerating the landing of hybrid cloud. Especially in the hybrid cloud scenario, the mixing of different cloud deployment modes forms a diversified boundary, and the flow of data and applications between different clouds also brings new challenges to the security of storage, transmission and management.
Security capabilities of hybrid cloud
The White Paper on Hybrid Cloud (2019) released by the Cloud Computing Open Source Industry Alliance points out that as enterprises host more business on hybrid cloud, it becomes more difficult to protect user data and business. The complex environment composed of local infrastructure and a variety of public and private clouds makes users have higher requirements for hybrid cloud security. The security capability of hybrid cloud is reflected in the following aspects:
Network and transmission security issues, such as how to achieve network isolation and avoid interaction between networks on different planes; Introducing secure communication encryption protocol to ensure transmission security; Secure connection mode is adopted to ensure the reliability of network connection; Ensure border security, and conduct security audit on all kinds of network behaviors.
Data and application security issues. In the process of storage, backup and transmission, the data shall be encrypted, and the data integrity shall be guaranteed through digital signature, time stamp and other cryptographic technologies; Use security interface, permission control and other means to manage data access rights, so as to avoid the disclosure of sensitive data.
Access and authentication level. Access is controlled through password based policy, role-based decentralization and domain division, to prevent unauthorized or unauthorized access; Random generation, encryption and distribution, and authority authentication are used to generate, use, and manage the key to avoid the risk of users being unable to access or data losing due to key loss.
In addition, ensuring the security of infrastructure such as hosts is also an important component of hybrid cloud security capabilities.
As mentioned above, how to solve the security of hybrid cloud has become a challenge that cloud computing providers and users must face, which depends on the joint efforts of the entire industry. With the expansion of the hybrid cloud market and the development of business, and the huge industrial scale, standardization is an inevitable choice. Relevant standardization work has been raised to a new height. Starting with specific fields or detailed technologies, an overall standard framework has gradually been formed, which has become the industry consensus.
Security capability standards for hybrid cloud solutions come out
Since the security of hybrid cloud is related to the security of user data and applications, it is a key factor to determine whether an enterprise will go to the cloud. In order to better protect the security of hybrid cloud. At the upcoming 2020 Cloud Management and Cloud Network Conference, the first security capability requirements standard for hybrid cloud solutions will be announced.
This standard is intended to provide reference and specification for users to deploy secure hybrid clouds, and at the same time play a guiding role in the procurement and development of hybrid cloud service providers, improve the technical security capability of building a hybrid cloud model, reduce the security threats faced by hybrid clouds, and ensure the confidentiality, integrity and availability of enterprise users' data and applications in a hybrid cloud environment.
The Security Capability Requirements for Hybrid Cloud Solutions specifies the security capability requirements for hybrid cloud solutions, that is, the security capabilities of solutions provided by service providers to users, mainly including regional boundary security (ensuring the security of physical and logical boundaries between private and public clouds and the security of cross-border access behavior) Cross cloud transmission security (ensuring the security of cross cloud transmission or migration of data, applications, hosts, containers, etc.), cross cloud storage security (ensuring the security of data storage, backup, and recovery in a hybrid cloud scenario), and multi cloud management security (ensuring the security between multiple clouds that needs to be achieved through unified management). Service providers can be applied to the design, development and deployment of hybrid cloud solutions, and can be referenced in security testing and management scenarios.
The Security Capability Requirements for Hybrid Cloud Solutions also divides specific requirements into basic requirements and enhanced requirements according to the importance of different security capabilities and industry practices, so that users and service providers can decide whether to adopt some enhanced requirements according to the application scenarios and business importance.
It should be said that the release of the security capability requirement standard for hybrid cloud solutions provides an important guide for the current rapidly developing hybrid cloud market. For cloud computing providers, they can better deliver hybrid cloud services and provide users with standardized products and services relying on this standard. For enterprise users, they can better rely on this standard to evaluate and deploy hybrid cloud architecture, thus driving business innovation.
2020 Cloud Management and Cloud Network Conference is waiting for you
In order to further promote the innovative development of cloud computing and improve the cloud management platform technology and cloud network service level, the 2020 Cloud Management and Cloud Network Conference, sponsored by the Cloud Computing Standards and Open Source Promotion Committee of China Communications Standardization Association (CCSA TC608) and supported by the Cloud Computing Open Source Industry Alliance and the Hybrid Cloud Industry Promotion Alliance, will be held in Beijing Guobin Hotel on January 7, 2020.
This conference is intended to invite leaders of relevant departments and bureaus of the Ministry of Industry and Information Technology, China Information and Communication Research Institute, relevant manufacturers and user representatives of cloud computing industry to the site, and discuss hot topics such as hybrid cloud, cloud management platform (CMP), cloud management services (MSP), cloud platform network capabilities, SD-WAN, etc.
In addition to the security capability requirements standards for hybrid cloud solutions mentioned above, the Cloud Management and Cloud Network Conference will also discuss hot topics such as hybrid cloud, cloud management platform (CMP), cloud management services (MSP), cloud platform network capabilities, SD-WAN, and release the first batch of cloud MSP capability assessment results, outstanding cases of CMP and SD-WAN in 2019 The industry's first white paper on multi cloud management platform and the user experience standard for interpreting cloud network capabilities.
