Microsoft talks cloud computing security and plans to offer private cloud software

A project code-named Sydney is described as a security structure for cloud environments

With Microsoft's Azure cloud computing platform set to go live on New Year's Day, the company is looking ahead to later in 2010 when it will unveil a new security structure for multi-tenant cloud environments as well as private cloud software based on the same technology used to build Azure.

Hasan Alkhatib, the Azure senior architect, described the Microsoft security project code-named "Sydney" Thursday at an Xconomy forum on cloud computing held at Microsoft's New England R&D Center in Cambridge, Mass.

[ Get the no-nonsense explanations and advice you need to take real advantage of cloud computing in InfoWorld editors' 21-page Cloud Computing Deep Dive PDF special report. | Stay up on the cloud with InfoWorld's Cloud Computing Report newsletter. ]

In addition to embedding greater security into the public cloud, Alkhatib said Microsoft is planning to help customers build private cloud networks within their own datacenters, using the same software Azure is based on.

"Every customer says 'where can we get a private cloud?'" Alkhatib said. "We're building them. Within a short period of time private clouds will be available with the same technology we've used to build Windows Azure."

However, Alkhatib said he thinks private clouds lack most of the benefits of public clouds, and focused most of his talk on the Azure services that will be offered publicly over the Web.

Project Sydney, unveiled last month at Microsoft's Professional Developers Conference, addresses security in virtualized, multi-tenant environments in which customers are typically sharing data center resources.

Sydney will provide isolation between customers' cloud resources with network virtualization, and provide secure connections between an enterprise's internal data center equipment and what it uses in the cloud, Alkhatib said. Sydney will aggregate "any arbitrary set of endpoints," including servers and client machines inside the enterprise and resources in a public cloud service like Azure, and create what Alkhatib called a "virtual network overlay" which is secured with IPsec and which can only be accessed by those authorized to do so.

"All these elements appear to each other as if they have a dedicated, private network," Alkhatib said.

Regulatory compliance in cloud computing is still a major challenge, however. Alkhatib said the IT industry must lobby agencies to accept new security guidelines that are based on logical, rather than physical structures.

Microsoft hasn't announced a release date for Sydney but is committed to delivering at least a beta version in 2010, Alkhatib said. The private cloud product based on Azure may also come out in 2010, he said.

Microsoft today is running Azure out of datacenters in Chicago and Texas, and will add four more datacenters in January in Dublin, Amsterdam, Singapore, and Hong Kong, Alkhabit said.

This story, "Microsoft talks cloud computing security and plans to offer private cloud software" was originally published by Network World.

Copyright © 2009 IDG Communications, Inc.

How to choose a low-code development platform