Cloud computing is rapidly changing the Internet into a collection of clouds, which provide a variety of computing resources, storage resources, and, in the future, a variety of resources that are currently unimagined.
However, enterprises still face many issues when migrating services to the cloud environment. For example, services may require logging and auditing such that when the enterprise outsources a service to a cloud, control over logging and auditing for that service can be potentially compromised.
Additionally, some services that are controlled within an enterprise environment may not need logging or auditing because their native environment is controllable within the enterprise. But, these same services may require logging and auditing capabilities when outsourced to a cloud because the cloud environment is not controlled by the enterprise. The problem with this is that the services migrated to the cloud may not be written to provide logging or auditing features, such that these services have to be rewritten or substantially modified before they can be migrated to the cloud. So, when a service moves from an enterprise-controlled hardware environment to a cloud environment the traditional means of controlling the logging and auditing of the service are lost.
Also, one function of an “auditing system” that is different than a “logging system” is the ability to not allow access if the system cannot provide a completed audit trail. This also becomes difficult to do in a cloud environment. In fact, such features may not even be a native capability of the service being processed in the cloud. Moreover, because of the great exposure that a service has in the cloud, a “guaranteed” audit may be a requirement by an enterprise before that service is migrated to the cloud. Without a guaranteed audit, a cloud hacker may disable an audit system and allow the service to run without any audit trail. When this happens, the owner of the service may become totally blind on how the application is being used within the cloud.
Still another issue for services that migrate to a cloud environment is that as the services move out of the control of the local physical hardware there is lack of tools to make an effective “Cause and Effect” decision with respect to the executing services. This is so, because an enterprise administrator no longer has access to the hardware such that the ability to track the effect of an inbound event is significantly diminished. Thus, the administrator has a hard time knowing how to manage the services because of a lack of knowledge about network traffic and response times with respect to the administrator's cloud services. So, the administrator cannot dynamically control an operation or a service when it becomes too costly for the enterprise or too slow for the user.