Novell is offering Novell Cloud Security Service (NCSS), a Web-based identity and access management solution for cloud service providers in India. NCSS will allow SaaS, PaaS, and IaaS providers to offer their enterprise customers the ability to deploy their existing identity infrastructure in the cloud.

With NCSS, currently in private beta but scheduled for release in mid 2010, the company is targeting cloud providers like Amazon, Google, Verizon and many some Indian cloud service providers such as Ramco Systems.

The development for NCSS began about 6 months ago and Novell R&D centre in Bangalore has developed a significant share of this product on the cloud platform along with other R&D centres.

Novell says security can be operated at a number of levels in cloud computing. The first level of security would be how and where data is deployed in a typical workload, data typically being the most sensitive element of any workload.

From Novell’s view, a security policy can be embedded into the workload, and through using orchestration management tools, ensures that the workload is only deployed on hardware or in locations that meet the security policy.

At another level, the company sees a federated-style user access being the key to reducing complexity.  The application or service owner can use the same authentication and authorization as the client uses today, thereby not having to maintain a separate set of identities. It also allows the client to make changes to a security policy, and it will adhere to the changes, regardless of where the workload might be running in the cloud.

Mac fans have another reason to be happy now that Amazon has released an application that lets users read its Kindle ebooks on their machines.

Amazon, maker of the popular Kindle ereader, is trying to cement its leading position as the top maker of ebook readers – and distributor of ebooks – by making content available on other devices.

The move comes just two weeks ahead of the launch of Apple’s new iPad tablet, a device with broader functionality than the Kindle, but which includes an ebook reader application. The iPad, which is expected to arrive next month, is seen as a strong challenge to Amazon.

The online retailer has already made its Kindle books readable on devices such as the Blackberry from Research In Motion and the iPhone and iPod Touch. Kindle books are also readable on PCs.

Security experts at eSacn have warned against opening emails or their attachments with subject lines such as “You have received A Hallmark E-Card!”, “Your friend invited you to twitter!”, “Thank you from Google!”, “Jessica would like to be your friend on hi5!” and “Shipping update for your Amazon.com order 254-71546325-658732″. These emails also carry zipped attachments which have been found to contain new variants of the malware in the wild.

The “You have received A Hallmark E-Card!”, spam email comes with postcard.zip or similarly named attachment. The payload in the zip file contains malware that has the capability to mass mail message(s) with the built-in SMTP client engine to the email addresses harvested from the local computer. The payload also contains a malware with the characteristics of Vundo (aka VirtuMonde/VirtuMundo), a trojan horse that cause popups and advertises rogue antispyware programs.

Vundo can infect a system when a browser just visits a Web site link contained in a spammed email. It is known to add itself to the startup registry, create a DLL file in the Windows system32 directory and inject it into system processes winlogon.exe and explorer.exe. The malware can also send downloads/requests to get other files from Internet and spread quickly by itself in a network.

Another email doing the rounds is taking advantage of the popularity of the social networking sites such as “Twitter” and “Hi5″ to spread itself. These spam emails carry a deadly payload of a variant of the Buzus worm that is network aware bot creating trojan. On infection, it creates a startup registry entry and modifies the host files to prevent access to security websites. It can also send spam mail to the email addresses harvested from the local infected system and try to spread itself.

The malware spreading spam also had subject lines such as “Thank you from Google!” and  “Shipping update for your Amazon.com order 254-71546325-658732″ and were found to be with  attachments that had typical names such as Invitation Card.zip or Postcard.zip or Shipping documents.zip or CV-20100120-112.zip. Any unsuspecting user who opens the files gets infected immediately and the malware then tries to infect other systems in the network by sending the same malicious emails to addresses harvested from local address books on the infected computers.