Monday, May 30, 2011

Summer Semester: Shift in Focus, just wow. As I sit here trying desperately to wade through the massive amount of material I must read and prep in 23 days, I sit in awe of how Amazon has implemented the EC2. You are probably wondering why I have sprung this topic without any sort of prelude or previous mention, well that's a funny story actually and it all revolves around being flexible.

So I registered for a seminar course this summer, INFS 890. I must take and pass six of these courses to meet the requirements for the DSc program. What I did not realize involves two things: 1. I have completed my core and 2. It's all specialization and dissertation work from here on out. INFS 890 prepares you for dissertation by allowing you to schedule time and resources for your dissertation topic. I now have a dissertation area, professor, and direction. So when discussing the needs of the course with the instructor I came to a choice, a fork in the road if you will, between network security and cloud security. Given the resources and position of my current work projects I chose cloud security, and to quote Indiana Jones, it would seem that I have chosen wisely.

I started playing with EC2 last week after reading the apology letter from Amazon regarding the recent outage. The way that the infrastructure is set up is amazing. I started creating my own instances and modifying other AMIs to meet my curiosity. Wow...30 seconds to VM creation. So many distributions and so inexpensive. Being able to set the instances in a good arrangement then setting that arrangement as a cloud formation. Wow. I loved being able to setup Ubuntu in just minutes. I doubt I will ever need a home machine to do OS testing and learning. I have been trying to get back into SuSE and instead of buying or re-purposing a machine to do this, I can now just launch a AMI, make the changes I need, and continue on my merry way.

This does leave some serious security questions though, and if the literature at this point is any indication, EC2 security is being left in the hands of the users. The literature on this is far from sparse (YAY), meaning it's a hot topic and there is no great silver bullet answer. I have seen some excellent ideas in the articles so far and I am starting to implement them myself in my own test cloud. Of course I do have to watch the cost, but that's why I applied to the AWS in Education program, perhaps with a little luck, Amazon will allow me to play and learn at a reduced cost.