Sun Microsystems has unveiled an open source cloud security capabilities and announced support for the new Security Guidance from the Cloud Security Alliance.
Sun said the introduction of cloud security architectural building blocks will help offer cloud services that are manageable when used in public, private or hybrid cloud environments. The security tools help in securing data in transit, data at rest, and data in use in the cloud, and work with cloud offerings from vendors including Amazon and Eucalyptus.
In addition, the company also released several open source cloud security tools including OpenSolaris VPC Gateway, Immutable Service Containers (ISC), Security Enhanced Virtual Machine Images (VMIs) and Cloud Safety Box.
According to Sun, OpenSolaris VPC Gateway provides customers with choice, when connecting their systems to the Amazon Virtual Private Cloud. The software enables customers to create a communications channel to a Virtual Private Cloud without the need for networking equipment.
The company said that the ISC offers architectural patterns with associated deployment strategies. Incorporating security features of the OpenSolaris Operating System, including Solaris ZFS, Solaris Containers, and Solaris IP Filter and Auditing, the ISC architecture leverages service compartmentalisation to create virtual machines with security protection and monitoring capabilities.
Sun said that it has created security-enhanced VMIs for the Amazon Elastic Compute Cloud (EC2) using techniques developed for the Immutable Service Container project. These virtual machines leverage practices including non-executable stacks, encrypted swap and auditing enabled by default. It has also published integrated software stacks such as Solaris AMP and Drupal.
In addition, the Cloud Safety Box simplifies managing encrypted content in the cloud. It automates the compression, encryption and splitting of content being stored in the cloud on any supported operating system including Solaris, OpenSolaris, Linux and Mac OS X using Amazon S3-like interface.
Glenn Brunette, engineer and chief security architect at Sun Microsystems, said: “Security remains one of the major concerns for enterprise customers moving to the cloud. Sun’s new security tools will help address several of these fundamental issues and enable customers to realise the benefits of cloud computing while also managing risk and safeguarding critical assets.”
