Security Polices on the Cloud

Like the traditional outsourcing contract, the security part of the cloud is realized through third party management and warranty. However, because there is no security standard for universal cloud computing, there are other related issues as well. Many cloud providers implement their own proprietary standards and security technologies and implement a variety of security models that need to be evaluated against their own strengths. In the supplier cloud model, by collecting the provider's risk assessment, due diligence, and assurance activities, the customer organization is ultimately adopted so that security within the cloud reliably meets its own security policy.

"When migrating to the cloud, cloud providers are responsible for protecting the cloud, but companies need to understand that only companies are able to reliably use the cloud, which requires a new way of thinking security "KPMG predicts that adoption of platform as service (PaaS) is the fastest growing segment of the cloud platform - predicting from 32% in 2017 to 56% in 2020 Launch the platform and manage the application in a much simpler way than building and maintaining the infrastructure

For enterprises considering the introduction of the cloud, security is still a big concern, especially regarding the introduction of the public cloud. Because the public cloud is a multi-tenant environment, public cloud service providers share the underlying hardware infrastructure among many customers. In this environment, a large amount of separation is required between logical computing resources. At the same time, account login credentials protect access to public cloud storage and computing resources. Many organizations that are subject to complex regulatory obligations and governance standards are still reluctant to put data and workloads in the public cloud to prevent confusion, loss, and theft. However, this resistance has gradually disappeared, as logical isolation proved to be reliable, data encryption, various ID and access management tools were added to improve the security of the public cloud.

iExec is a leader in distributed chunk computing based on block chains and is committed to greatly enhancing the security of distributed cloud computing by implementing state-of-the-art security technologies. iExec is part of Data Guard's early access planning on the IBM Cloud and one uses SGX-based solutions to protect the iExec distributed cloud, one of which is focused on Intel's SGX solution . "Intel SGX is the only technology that protects data via a hardware-based server.DataGuard allows you to run SGX in an agile environment by integrating with CI / CD system.Cloud We We are reinventing the cloud in a more secure way, "said Zhang Lei, who is in charge of research and development of iExec security.

iExec demonstrates the reliable execution environment of distributed cloud with IBM Think held in Las Vegas from March 19 to 22, 2018.