Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Although cloud computing could "fundamentally destroy" IT security practices and lead to an era of closed, proprietary computing it would also likely harden most networks against attacks, prominent US cryptographer Whitfield Diffie told a Gold Coast gathering of security professionals today.
"At worst [cloud computing] will fundamentally destroy the current security paradigm - but on the other hand it's going to substantially improve the average level of security of ordinary shleps who didnt pay any attention to the matter," Diffie told about 1000 delegates to this year's AusCERT trade show and conference.
"Look forward a little bit and I'm not thoroughly pleased at what is happening in the world, but I'm firmly convinced that cloud computing will become very widespread."
Diffie said that automated legal contracts such as those modelled on US Government practices would play a bigger role in future IT security.
"There's going to be a tremendous security gain by pushing things into standard security practices."
Diffie said that "contracts will have to occur very fast" to cater to demand for services needed for only a few minutes or fractions of a second. There was no civilian equivalent to military and government "facility clearances" to swift-fly awarded tenders, he said.
"You've got to know whether those people are capable of fulfilling the contract," he said. "They've gone through a set of bureaucratic hurdles so that all of a sudden if a secret contract comes up it can be awarded overnight - there's very little example of that in the civilian world."
Diffie expected that cloud computing, which "promoted much better security at the level of practice", was largely driven by economic factors - chief among which was reducing risk to venture capitalists.
He was convinced that cloud computing would become widespread, leading to a surge in startups, but he questioned the altruism of its leading proponent, Google.
"They won't sell you the program but they will run the program for you," Diffie said.
"If you had access to the Google stream, you could see what everyone was asking Google for, what they're currently interested in.
"We are putting a tremendous amount of faith in (Google founders) Larry (Page) and Sergey (Brin) and the claim that they aren't doing anything evil."
The return of closed and proprietary systems running in the cloud concerned Diffie.
"I believe you're going to get a lot of startups that lead to successful companies and - this is the point I don't like - things that are based very much in proprietary computing.
"Above the GPL (a free software licence), everything Google does is a trade secret. There wil be a great opening for people to run trade secret algorithms on top of other people's (infrastructure)."
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.