Thursday, February 19, 2009

Cloud Computing and Security

Cloud Computing and PARC

Cloud Computing is hot - now that is a truism for the technology world today.

Beyond the hype of processing xTb of data in 24 hours by EC2 or Azure and the alphabet soup of cloud solutions, a bit of good ole' fashioned investigation seems to be important to figure out how it actually impacts the technology landscape.

In other words, PARC's Security team is intrigued after the Security Workshop.

PARC Security's Cloud Computing Offer

If you are a practitioner in the cloud computing space, we would love to hear from you. Here is a brief description of what we are doing:

PARC is investigating cloud computing security as a potential research area. Knowledge of current practices, use cases, and problems with regards to cloud computing security would be very helpful for this investigation. We hope to understand the actual security issues in the new world of cloud computing.

As for being the discovery process, we will share consolidated/anonymized information with you at the end of the study.

Please drop me a note if you wish to participate.


Wednesday, February 18, 2009

Third fire alarm

Fire! Again!

What's up with this! A third accidental fire alarm in as many months. Seems like we are on a roll. Or, there is a minor conspiracy that I am not aware of.

While waiting in the emergency area, I did have a chance to strike up a conversation about PARC during the 1989 Loma Prieta earthquake, a.k.a. the World Series Quake. Back then, people were using car radios to get updates on the status.

If it were to happen today, I wonder if the cell phone towers would hold up during the quake and if the towers would be overwhelmed with calls. Maybe a distributed and ad-hoc networking backbone would be a more robust solution, although I think people used WiMax for the 2004 Tsunami in the Indian Ocean.

Yeah, back to work.


Friday, February 13, 2009

"1 second" Unix Party

Ad Hoc Networking Meeting

Was in a meeting discussing CAPE. Spirited discussion all around as always.

But, we had to wrap it up early because:

Party Time


Sent: Friday, February 13, 2009
Subject: 1234567890 day!

Happy 1234567890 day everyone!

Today at 3:31:30pm, the number of seconds since midnight, January 1, 1970 (not counting leap seconds)—otherwise known as unix time or posix time — becomes 1234567890.

Please join us in a 1-second party in the CSL bistro area at the appropriate moment.


Gosh, I am surrounded by geeks!



Saturday, February 7, 2009

Security Workshop

Security as an Enabler: Visions
Highlights of a Workshop sponsored by Fujitsu Laboratories and PARC

Key areas considered
* Data Loss Prevention (DLP)
* Reputation and Trust
* Malware and Fraud Detection

Homework Questions

Where does Cloud Computing fit? Because of the cooperative nature of cloud computing, frameworks and standards might be important here. In fact, the security problems for cloud computing are at this point is not well-defined.

Interplay of reputation, malware, and social networks. The phenomenon of malvertising seems to show that the problem cannot be solved by any one party. In other words, how can reputation and social networks be used to expose and combat malware?

P@P Workshop Notes

This was a highly interactive workshop that allowed academic, corporate practitioners, and researchers to challenge each other’s ideas and find areas of common interests.

The most fascinating story for me is on the development of the DLP market when people did not think such a need existed. Now DLP is one of the fastest growing segments in the security industry.

Drop me a note if you want a copy of the workshop’s output.