对云计算安全的理解

      有人问过我关于云计算的安全问题，指出将信息存放在云里面，不能很好的保证信息的安全性，毕竟和存放在自己可以掌控的范围内截然不同。

      确实大家这样说，是存在误区的。因为对于大家的理解，都认为，云计算的安全是指，将自己的数据，服务等存放在公共的云计算服务中。其实，云计算不是这样的。云计算本质是对原有的电脑服务架构进行革新，产生另外的系统架构，彻底颠覆以前系统架构存在的效率问题。

      云计算的分类有三种：

      There are three main types of cloud deployment models -public, private and hybrid clouds.

PublicClouds–arethemostcommontypeofcloud.Thisiswheremultiplecustomerscanaccesswebapplicationsandservicesovertheinternet.Eachindividualcustomerhastheirownresourceswhicharedynamicallyprovisionedbyathirdpartyvendor.Thisthirdpartyvendorhoststhecloudfor

multiplecustomersfrommultipledatacenters,managesallthesecurityandprovidesthehardwareandinfrastructureforthecloudtooperate.Thecustomerhasnocontrolorinsightintohowthecloudismanagedorwhatinfrastructureisavailable.

PrivateClouds–emulatetheconceptofcloudcomputingonaprivatenetwork.Theyallowuserstohavethebenefitsofcloudcomputingwithoutsomeofthepitfalls.Privatecloudsgrantcompletecontroloverhowdataismanagedandwhatsecuritymeasuresareinplace.Thiscanleadtousershavingmoreconfidenceandcontrol.Themajorissuewiththisdeploymentmodelisthattheusershavelargeexpendituresastheyhavetobuytheinfrastructuretorunthecloudandalsohavetomanagethecloudthemselves.

      Hybrid Clouds – incorporate both public and private clouds within the same network. It allows the organisations to benefit from both deployment models.

      For example, an organisation could hold sensitive information on their private cloud and use the public cloud for handling large traffic and demanding situations.

      将不是特别重要的数据可以存放在公有云上；将特别重要的数据存放在私有云上，防止公有云存在的问题。