Chapter 5. Cloud Insecurity: Sharing the Cloud with Your Enemy
Cloud computing is seen as the next generation of computing. The benefits, cost savings, and business justifications for moving to a cloud-based environment are compelling. Cloud computing is the culmination of the increased computing power, available bandwidth, and need for businesses to focus on their non-IT core competencies. Cloud offerings typically consist of thousands of machines working in parallel and sharing the load seamlessly to provide the scalability and power that have become the hallmark of cloud-based offerings. Various cloud providers make the power of these massive clouds available to the public. This computing power is unparalleled and unlike anything previously encountered. With cloud offerings, even the smallest organizations can scale to meet any demand.
In an ideal world, organizations “share” the cloud, logically separated from each other by the cloud provider, operating independently of each other in a sandbox, pulling resources only when needed, and respecting the separation put in place by the cloud provider. In the real world, applications uploaded to the cloud are trying to break out of their sandbox, attempting to gain access to other applications and hardware and trying to consume resources. The next-generation hacker understands that he has complete control of what the cloud runs; he knows cloud security is immature and developing. The next-generation hacker is positioning himself to take ...
Get Hacking: The Next Generation now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.