One way of Tha我為i embarrassed embarrass男購ed at the end of 2012 under the bed冷這 to the Chinese film box office record,生月 but also refresh the reco喝很rd. But in IT, data center 間件security failure events erupt f關呢requently, also個妹 the impact of enterp愛少rise user's psychological line o化樹f defense in a meeting. Only look,場日 the security probl短算ems of the data center, don'請河;t be embarrassed音中 again. "Tai embarrassed".現妹
Cloud computing service i看話s touted to be the IT saint費內s in this era, all 子個services can be "cloud&愛年quot;. However, when many compani紙男es to be the first to ea廠電t crab, but found that often the 信去most vulnerable is their. In rec她大ent years, emerge in an e飛我ndless stream of cloud services broken輛近 network events, so that t信理he industry could appall.
People gradually return技時 to the ideal, to more clearly see th東藍e true face of cloud computing. It can看劇 be said, no matter how lofty dream都船 or to find a secure foo我很thold, cloud servic雪議es eventually f有個rom one data center to 服站be transmitted to a data center, and in物為 the process still could n業雨ot escape the need, computer, netwo到河rk, power, storage, 用畫etc. between collaborative wo兵店rk. As a result, the entire p那照rocess error and loopholes in t長理he offing, coupled with natural disas店技ters. So, enabled cloud services, y內通ou must have a c美到ertain amount o這的f mental preparation, 大開but also with a second-年呢hand solutions to deal with.子廠
Editor here, look 要醫at the reasons 冷校behind a series of br農可oken network events that occurred金黑 in recent years. Between f用生rom 2009 to 2012. Perhaps mak舊見e you see: even if the computer err公時or seems inevitable, reinsurance mea小這sures seem only security event cont她照rol in a small proba舞鐘bility range.
The off network t知科ypes: system failure
Typical event 1: Amazon AWS Chr綠費istmas Eve off network
The cause of the工站 malfunction: Elastic他人 Load Balancing se歌哥rvice failure
December 24, 2012, Christmas Eve房費 just past, Amazon did not let t舞樂heir customers have had唱在 peace. Amazon the 通一AWS located in 下冷the eastern United明技 States data center fails, the Elasti請街c Load Balancin兒公g service (Elastic Load Balancing愛跳 Service) interrupt, sites su道金ch as Netflix and Heroku affect秒玩ed. Which, Heroku in the AWS eastern Un呢鄉ited States regional service befor區費e failure has a水光lso been influenced. Howev看可er, some coincidence Netflix rival Ama好動zon's own Amazon Prime Insta學但nt Video is not affected b但師ecause of this failure.
December 24, Amazon AWS interrup愛制t service event is not the first time, 舞討of course, will not be the last ti著錢me.
October 22, 2012, Amazon AWS netw電知ork services in Northern Virginia什什 interruption. Th電東e reason is simil道麗ar to the last. The 訊哥effects of the accide頻電nt including Reddit, Pinterest an好鄉d other well-known websites. I但身nterrupt affect the elasticity of鄉黑 magic beans, followed by 裡很flexible magic beans console化制, relational data動在base services, flexible cache, E用說lastic Compute Cloud EC2, cloud se飛來arch. This accid玩畫ent made a lot of 哥低people believe that爸東 Amazon should to upgrade North Pooh t水計he Ghia data center in厭兵frastructure.
April 22, 2011, a large area of the 雪近Amazon cloud data center server體醫 downtime, this event is cons新美idered to Amazon 算化the most serious in the hist水綠ory of cloud computing security event.船空 Amazon downtime cloud comput就見ing center in Northern Virgin去懂ia, including answer 冷電service Quora, the news servic少事e Reddit, Hootsuite and location tr會友acking service 議煙FourSquare, some s行他ites have been affected. Amazon's話美 official report claims that t會麗he incident is due to the 頻慢presence of its EC2 syst山還em design vulnerabilities and de樂數sign flaws, to 少好improve the EC2 (the Amazon Elasti森化cComputeCloud service廠服), competitive and 鐵科continue to fix known vulnerab門校ilities and defects.
In January 2010, almost 60,008 th國討ousand Salesforce.com users exp船業erienced at least one hour of downtime.紅跳 Salesforce.com "systematic e也樹rrors" due to t吧來heir own data cen友公ter, all servic喝人es, including backup, in購藍cluding a brief paralysis. It a好黑lso exposed the Salesforce日唱.com do not want to open the lock st村樹rategy: its PaaS platform, Force.com Sa可暗lesforce.com outside the吃如. Once Salesforce.com problems, Forc人資e.com the same problems. In劇麗terrupt service occurred a long time, 黑費the problem will become very 行民tricky.
The broken network inducem女白ent: natural disasters
Typical event: Amazon Northern Ireland話坐 Berlin data center日門 downtime
The fault reasons: lig到西htning struck a物什 transformer of the data cente紅信r in Berlin
August 6, 2011, ca數少used by lightning in Northern Irelan也鐘d, Dublin Amazon and Microsoft cl子村oud computing network in Europe, lar物頻ge-scale data ce區的nter power outa些作ge downtime. The lightning struc窗習k a transformer near Dubli道畫n data center, lea黑術ding to its explosion. The explosion t木頻riggered a fire, so that the work of al拍樹l public service agencies 睡銀to temporarily halt the entir亮短e data center downtime.
This data center is t雪男he Amazon, only for data storag雜但e and in Europe, that is, EC2 cloud 風銀computing platform c謝藍ustomers during我厭 the accident no other data cent頻家er for temporary use. Downtime e熱機vent makes the length of the Amazo秒腦n EC2 cloud service platform many web個有sites to interrupt a long tim又還e up to two days.
Typical event: Calgary data c學作enter fire accident
Failure reasons不我: data center fire
Calgary data center 地嗎fire accident July 11, 2012: Canadi聽問an communications servic熱月e providers ShawCommun空技icationsInc in Calgary the A Er Bota&#動請39;s data center, a fire occurred, resu南金lting in hundre喝討ds of local hospital surgical dela文話y. Manage the data cente服輛r to provide emergency se資來rvices, the fire 海校affected the the農美 main backup syste暗西ms to support critic妹師al public servi跳男ces. The event a拿公s a series of government agencies子訊 sounded the alarm, you m草拿ust ensure the timely r女劇ecovery and have failover system, c器腦ombined with the introduction of唱商 disaster management plans.鄉懂
Typical event: Hurricane S弟山andy attacks data center
The cause of the malfunction: stor男去ms and floods led to the data cent下船er to stop running
October 29, 2012, super hurricane Sand線跳y: data center in New 工機York and New Je票技rsey are subject to the impact of 會湖the hurricane, 但司including the adverse impact 好嗎for the Lower Manhattan area 報慢flooding and the 舊樂shutdown of some facilities, t少都he surrounding area見暗 data center genera通森tors run disorders. Impact in h件看urricane Sandy and新答 beyond the general s上志ingle disruptions brought di照歌saster of unpreced商爸ented scale in the data cent船間er industry in the a靜廠ffected areas. In fac低離t, the diesel has become the lif技森eblood of the data center recovery,房公 to take over the entire load as空去 a backup power system,數舞 prompting the special measures 熱麗to keep the generator fuel. Wi司樂th the immediate focus grad輛裡ually shifted to the post-disaster 內爸reconstruction, we need long-term en匠和gineering and disaster唱舊 recovery data center loca請歌tion, explore th票木is topic may last for month區亮s, or even years.
The off net incentive III: human f拍生actors
Typical event 1海兒: Hosting.com service disru有可ptions
The cause of the malfun海說ction: the serv刀相ice provider implementati白訊on of the circu師件it breaker operating sequence is i地但ncorrect due to UPS Close
July 28, 2012 the Hosting.com 北長outage event: hum到鐘an error is often co花銀nsidered one of the domin近窗ant factors in th對習e data center downti樹算me. July the Hos間能ting.com interru媽體pt events caused 頻如the 1100 Customer Se能歌rvice interruption is an exam唱訊ple. Shutdown accident信媽 is being carrie拿錢d out due to the compan妹來y's data center in Newark, Delawa你輛re, UPS systems preventive 的水maintenance, service provider imple厭數mentation of the circuit b風西reaker operating sequence is not correc快錢t to cause the UPS shut down is ca作農used by the data center suites暗我 facilities the loss of讀黃 one of the key factors. "CEO風匠 of ArtZeile Hosting.com. "行對There is no failure of any important 喝要power system or standby power system雪站s, is entirely caused by a human 看輛error."
Typical event: Microsoft司女 outbreak of the 也船BPOS service interrupt理用ions event
The cause of the malfuncti北畫on: Microsoft data centers i事綠n the United States, Europe an東化d Asia, a determ件音ined set error
In September 2010, Microso了照ft hosting servic影票es at least three times鐘商 in the western United States within 林裡a few weeks time interrupt event to ap的紅ologize to the user. This is短南 Microsoft's 裡但first major cloud compu答中ting events broke.
The accident, the user acc科拍ess BPOS (Business Productivity Onli大南ne Suite) service, if you討樹 use Microsoft's North American fac慢雜ilities access service customers may相議 encounter a problem, this failur舞又e lasted two hou煙草rs. Although Microsoft en件刀gineers later claimed 低樂to have solved the problem, b林在ut did not solve t家資he fundamental problem, wh快房ich is also produced September 3 and 厭腦September 7 service inter也外rupted again.
Microsoft's Clint Patterson said笑能 this data breaches are caused by error通不s due to Microsoft data centers in 匠我the United States, Europe and Asia,的街 a determined set廠路. BPOS software in the offlin鐘到e address book in the "very sp好文ecial circumstances" available懂這 to unauthorized users. 來她The address book contains the contac遠科t information.
Microsoft said計兒 that this error fixed two hours 畫對after the discovery. Microsoft said i他科t has tracking facilities, to ena去但ble it to get in touch with people w要風ho download these data erro弟視rs in order to clear these da拍們ta.
Off network incentives: sys術友tem failure
Typical event 1: GoDaddy來技 the website DNS server interru草裡pt
The fault reasons:電北 data table within a 鄉讀series of routers in the system c也了aused by network out作短ages
The GoDaddy we大冷bsite DNS server 錢木interrupts: September 10, 2雪業012 the domain name giant GoDadd煙南y DNS server is one of the mos生去t important suppliers,劇不 which has 5,000,000 websites and 讀外manages over 50 million domain 通多names. This is why th件民e disruptions will be the most devas他吃tating event in 2們木012 on September 10說明.
Some speculation even to the習農 interrupt event你中s for up to six hou飛公rs is the result of denial of能說 service attacks, but GoDaddy later 草問said, this router ta暗舊ble corrupted data. Ser開好vice interruption is not caused by 關暗external influences. "GoDa懂鄉ddy interim CEO 史葛瓦格納 said. &q舊吧uot;This is not a hacker 著答attack is not a denia鐘河l of service attack (DD工分oS) We have determined that th用自e service interruption is d雨制ue to damage to the network拍北 event caused by the series of route鐵明rs internal data table."兵地
Typical event: Sheng關農da Yun stored off network
The fault reasons: data空兒 center physical server disk 信歌is damaged
August 6, 2012 8:10 pm S人老hengda Yun due to cloud host failure c們答aused by the loss of兒湖 user data events public st黑視atement published on its offici廠要al microblogging. The sta務還tement said: August 6, 呢低Shengda Yun data 鐘爸center in Wuxi, becau通懂se a single physical ser小風ver disk is damaged, resulti短火ng in the loss of individual users'看友 data. Shengda Yun has to make every紙水 effort to assist the us跳河er to recover data.
Lead to individual user嗎去s' data lost because of a phys秒我ical server disk is 老分damaged, Shengda Yun technicians ar他問e given their own inter少快pretation: the virtual machine&務著#39;s disk, there are two modes of 開村production, a direct host the physical 到街disk. This case, if the host'數制;s physical disk fails, the 笑錢cloud host will inevitably result in th些一e loss of data, which is generated 匠女by the incident reasons; another is 那書to use remote stor愛線age is grand hard disk products, 作少this way the actual is to save t鐵很he user's data to身遠 a remote cluster, and 年友at the same time do mul日靜tiple backups, and even host a fai月新lure will not affect金如 a the Cloud host of dat東銀a. Difficult to a那湖void because the p放喝hysical damage to the machine, i黃開n order to avoid accidental loss下得 you are experiencing吧紙, we recommend that yo討費u also do data backup t近很o cloud host.
Typical events 3: Google A問費pp Engine interru日雪pt service
The cause of the malfu分師nction: network de微來lay
Google App Eng又輛ine: GAE WEB applicatio可光n development and hosting p科謝latform, data center management b南又y google interrupt刀視 time is October 26th, and la中現sted 4 hours, because su月白ddenly become slow to resp術河ond, and an error. Affe路公cted, 50% of the GAE 刀懂request fails.
Google said th上問at there is no loss of校問 data, application behavior also have b中不ackup can be restored. Apolo到長gize, google ann藍他ounced Nov. use子做r can google said th數吃ey are strengthening their network s秒費ervices to cope with the pro光房blems of networ照吧k delay, "We ha花數ve enhanced the呢化 flow routing capabilities, and to a老厭djust the configuration制新, these will effectively 媽月prevent such problems fro聽一m happening aga們還in.
The off net incentive Five: Sy門風stem Bug
Typical Event 1: Azure global inter票關rupt service
The cause of the acciden爸北t: Software Bug calculated incorrectly 術新result in a leap year time
February 28, 2影老012, due to the le請都ap year bug "causing Microsoft A體海zure service a large area北紅 on a global scale呢計 to interrupt, the interrupt time over 媽西24 hours. Although Microsoft said the 制分software bug is inco樹短rrect leap year calculati兒湖on of time lead, but the incident pro紙鄉voked a strong reaction in相大 many users, many people asked 我子Microsoft to make more re師數asonable explanation for 高西this purpose.
The typical event 2: Gmail e-ma刀湖il the outbreak of a global fa廠喝ilure
The cause of the acciden海日t: data center rou窗房tine maintenance, the side effects還花 of the new code
February 24, 2009報我, Google's Gmail e-mail 吧關to the outbreak of the global failu能物re service interrupted time up 嗎行to 4 hours. Google explained the caus明舞e of the accident: when routi雪就ne maintenance of the data center in E花笑urope, some of the new program cod雪鐘e (trying to geographical proximit黃服y data focus on all of the body) s和區ome side effects, le技姐ading to another data center in E討放urope to overload, so The knock-on effe明花ct on the expansio但雪n and interface to other data cen在呢ters, and ultimately 懂但lead to the disconnection of the glob是匠al and other data 飛做center does not work.
Typical event: "5.飛下19 off network events
The cause of the acci筆知dent: the client-side software Bu分請g, internet terminals frequent DNS r門雪equests, triggering 區藍DNS congestion
May 19, 2009, 21:50, Jiangsu, Anhui,分費 Guangxi, Haina制月n, Gansu, Zhejiang and other門都 six provinces user declaration to ac店商cess the site slow or inaccessible遠電. Unit investigating after the 睡吃Ministry of Com光喝munications, said the nat訊動ional six provinces netwo錯金rk disruptions, because a comp河機any launched the client software呢好 defects, resul物坐ting in the install身水ation of the software of the Inte見我rnet, in the case of abnor站些mal work of the company紙術's domain name authorization server電讀 terminal frequently 去對initiate DNS request triggered DNS co南金ngestion, resulting in a large number o藍音f users access the site s船個low or page can no小上t open.
Which the, DN SPod is the leadin懂東g DNS service provider one唱快 N SPod company servi員拿ce DNS service for a number of well-kno遠件wn websites. The 電算attack resulted in paralysis t弟都he 6 units dns the DN SPo這答d belongs DNS ser好市ver, a direct result個相 of the DNS system par和年alyzed STORM, includin弟服g a number of network service pr鐵腦oviders, and there如到by lead to network congestion, 也喝resulting in a large numb那亮er of users can not be木文 normal Internet. 體答The Ministry of Indust公水ry and pointed out that this inci見友dent exposed the Domain Nam舞訊e Service to become the w白事eak link in net畫現work security, instructed all units 山冷to strengthen the security of the D木你omain Name Service.
Summary
Enable cloud services company, a lar學家ge extent, is conside服船ring such a service c唱學an be more editing, cost-e路筆ffective. However能筆, such considerations if it is什開 based on reducing 河微the cost of securit商身y as, it is estimated that the bos書器s will not agree 間討with a lot of companies. Cloud ser朋市vices off the e去亮ndless stream of events caused by conce東話rns about the safety o地女f the cloud.
Now, the solution can proceed from s南河everal angles, sur商請e cloud services for enterprise-class c拍的ustomers, regular back現那ups of the data of the cloud, wit工討h the second set of soluti女拿ons, in order to pr土電epare for contingencies. For cl有空oud service prov著日iders, since a variety of off-們從network event is inevitable, it must動分 consider a countermeas呢道ure to minimize 下志the loss of their users, improve化都 response efficiency off network even業也ts.
Government departments have re工機sponsibilities of oversi我費ght and remind legal legal cloud新唱 services were introd身音uced and constan術子tly improve, and to rem吃廠ind the user to one hundre時計d percent reliable cloud她人 computing services do no物女t currently exist.