Between Cloud, Mobility and the Enterprise is the API Middle Ground

Scott Morrison

Subscribe to Scott Morrison: eMailAlertsEmail Alerts
Get Scott Morrison: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Scott Morrison

It's a problem as old as networked computing. Consider two applications. They negotiate a level of trust. How can that trust - or security context - be transferred to a third application, one that may exist in an entirely different security domain from the first? This problem has been solved before, but is limited by proprietary solutions that resist integration. The challenge now, which is a significant one, is to solve it again, but this time for Web services - a task complicated by the need to accommodate a broad range of established security procedures and legacy technologies. Context in Context Security context is an ambiguous term. Take, for example, the SSL protocol. Here, security context is largely cryptographic metadata - the master key, derived session keys, ciphers and hashes, etc. - which are associated by a public SSL session ID. The session ID exists ... (more)

Is Cloud Computing Secure? Prove It

I had a discussion with Wayne Rash the other day about security in cloud computing. He followed up with an excellent article in eWeek with the provocative title Is Cloud Computing Secure? Prove It. I’d encourage you to have a look; Wayne spoke to a number of well-known people in the industry, and they offer up some valuable insights in his piece. Wayne is interesting to talk to. He’s a retired naval officer who has been in the IT business long enough to have earned a very broad perspective.  Cloud has a lot of roots in earlier technologies (virtualization, time sharing, ASPs, ou... (more)

How Secure is Cloud Computing?

Cloud Expo on Ulitzer Technology Review has published an interview with cryptography pioneer Whitfield Diffie that is worth reading. I had the great pleasure of presenting to Whit down at the Sun campus. He is a great scientist and a gentleman. In this interview, Diffie–who is now a visiting professor at Royal Holloway, University of London–draws an interesting analogy between cloud computing and air travel: “Whitfield Diffie: The effect of the growing dependence on cloud computing is similar to that of our dependence on public transportation, particularly air transportation, wh... (more)

Top Five Mistakes People Make When Moving to the Cloud

Cloud is now mature enough that we can begin to identify anti-patterns associated with using these services. Keith Shaw from Network World and I spoke about worst practices in the cloud last week, and our conversation is now available as a podcast. Come and learn how to avoid making critical mistakes as you move into the cloud.   ... (more)

Public, Private & Hybrid Clouds

Christian Perry has an article in Processor Magazine that I contributed some quotes to. The article is about the ongoing debate about the merits of public and private clouds in the enterprise. One of the assertions that VMWare made at last week’s VMWorld conference is that secure hybrid clouds are the future for enterprise IT. This is a sentiment I agree with. But I also see the private part of the hybrid cloud as an excellent stepping stone to public clouds. Most future enterprise cloud apps will reside in the hybrid cloud; however, there will always be some applications, such as... (more)