Can a cloud be more secure than a corporate data center?

* The Jericho Forum releasing its spin on the security of cloud computing

The Jericho Forum next week plans to release its spin on the security of cloud computing with the perhaps surprising belief that using a cloud can actually be more secure than running applications and databases out of corporate data centers.

A study of cloud computing by the group defines three scales by which to measure types of clouds: whether it is internal or external; whether it is proprietary or open; and whether it has a security perimeter or not.

These three scales can be arranged as three axes, creating what the group calls a cloud cube in which clouds can be placed and classified, says Adrian Seccombe, a member of the Jericho Forum Board of Management.

He says the safety of cloud computing has yet to be proven and likely requires work to reach acceptable levels. That will mean developing a secure architecture around with cloud computing infrastructure is built. One core building block will be creating data objects that include a definition of what type of security zone the data must stay.

The data itself must restrict its use, he says, in order to maintain its security in a cloud infrastructure that might be compromised regardless of precautions, he says.

If the data can be protected in this way, then the cloud itself can be more flexible and customers can submit data to the cloud and not need to know where it is physically. That flexibility will enable the cloud to make the data as available as possible to authorized users, Seccombe says.

The Jericho Forum plans to release a paper about cloud architecture, its benefits and security concerns during the RSA Conference next week in San Francisco.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.