A few months ago I spent half a day at IBM New Zealand’s Auckland offices running various interviews of IBM staffers. The project was part of my work as curator (disclaimer – that’s a self-awarded title) of IBM’s Business Insight web property.
I was really interested to spend some time talking to IBM security expert John Martin and to specifically discuss the security issues that cloud computing brings.
Excuse the poor quality sound – the joys of a (very) cheap digital camera in video mode. As an aside, any digital video camera manufacturers who want some equipment trialed, just drop me a line.
I’d be interested to hear other security practitioner’s perspectives on all of this. I’d also be keen to run some interviews that provide a counterpoint to the assertions that John makes.
Ben, there was an ACM sponsored workshop on this subject last year, where some of the slides from talks at the workshop are available:
“CCSW 2009: The ACM Cloud Computing Security Workshop”
http://crypto.cs.stonybrook.edu/ccsw09/
There are some names there that you could make contact with if you want further comments from those experts in the topic on cloud security. Perhaps you can start with the 2 chairmen (Radu Sion and Dawn Song) which their sites are linked to from the workshop page shown above. The workshop chairmen can connect you with experts who participated in the workshop, even the IBM guy who was on the organizing committee (Reiner Sailer, IBM Research).
The good thing about getting some commentaries from these experts who attended the workshop is that they’re all R&D people. It means that they know most things (if not everything) about the subject, since they do nothing all day except R&D.
I am not sure when the proceedings from that ACM workshop is gonna come out, but usually, there is a lag of about 4 or more months, before they appear in print publications. The journal is more detail than the workshop itself, where presenters only used slides (summary only), but the print publication are longer article versions.