Thursday, October 8, 2009

Can Cloud Defend Against DDoS Attacks?

I just came across an interesting blog entry titled Can Cloud Defend Against DDoS Attacks? on Govinfo Security, an educational portal catering to security professionals in the Federal Government space.

The blog entry makes an intersting observation claiming that:

"...cloud computing services, such as Google's App Engine and Amazon's Elastic Compute Cloud, or EC2, provide flexible hosting resources that can grow to accommodate a surge in demand. Imagine if the agencies that were affected by the [DDoS] attacks had been sitting in the cloud when the malicious traffic started rolling in. The ability to disrupt agency websites becomes a function of how much capacity Google and Amazon have to support the requests. These providers likely have plenty of bandwidth to sustain the attack and provide service with little to no service disruption.

Here's my problem:

Claiming that "cloud computing services, such as Google's App Engine and Amazon's Elastic Compute Cloud, or EC2, have plenty of bandwidth to sustain a DDoS attack" is akin to arguing that "you can tolerate the cold winter better by becoming fatter."

Is the fact that we have more scalabilty even relevant in a discussion about security?

3 comments:

  1. Great points. All this is doing is perpetuating the root issue by letting it be someone elses problem.

    Regards,
    Mike Walker
    http://www.MikeTheArchitect.com

    ReplyDelete
  2. Thanks Mike. Well said. That is exactly my point...

    ReplyDelete
  3. nice points .... BTw sir do you think that XDOS vulnerability in SOA environment has been taken care off. i mean with loads of security standards like WS security ,there is still scope for XDOS attacks

    ReplyDelete