Whilst I have been away on vacation, something fairly interesting has happened in the area of Open Source initiatives for Infrastructure as a Service in the form of a new initiative from NASA and Rackspace called OpenStack. You may remember in our last post in this area, we noted that there was a proliferation of offerings in the IaaS space, and it was in the customer’s best interest for there to be effective migrateability (or even mix and match) amongst public and/or private clouds. However, the API standards to support interoperability are proving elusive.
There are two key features missing from Virtualization and Cloud Computing. Those are auditing and forensics. The A6 project aims to fix this problem for auditing, but there is only some research into forensics. The issue is about discovering who did what when, where, how, and hopefully why. Auditing plays into this for Compliancy but also for forensics. Forensics has two major components in its arsenal: Audit Trails, and Disk Images.
Last month Verizon expanded its Computing as a Service (CaaS) cloud computing offering. The expansion itself is not surprising. The interesting tidbit is that Verizon has Carrier Status and therefore different laws apply to them than any other cloud provider that does not have this status, such as Amazon EC2, Terramark, etc. Will cloud computing providers be the next internet service provider? If so will they have to battle to not be responsible for the content within their clouds, as did internet service providers with the battle that ensued over the Communications Decency Act?