Click here to close now.

Welcome!

Security Authors: Brad Thies, Pat Romanski, Elizabeth White, Liz McMillan, Srinivasan Sundara Rajan

Related Topics: Cloud Expo, SOA & WOA, Virtualization, Web 2.0, Security

Cloud Expo: Article

How the Cloud Will Displace Human Trust

We are witnessing the large-scale industrialization of the data center

We are witnessing the large-scale industrialization of the data center, owned and operated by the ICT operators who specialize in that task, with security technologies in the hands of the end user to remove any need to trust their human operators.

The traditional "protect the perimeter" model of enterprise data security, one where layers of security are added around enterprise data, access to which is limited to trusted insiders, clearly has challenges in a cloud computing model when outsiders (the folks running the cloud) have access to all your data and can monitor everything that you do in their environment.

The solution is not, as some would tell you in the security profession, better certification of cloud providers and external vetting of the human operators. Certification has a role but the ultimate answer will be the invention of technologies that completely remove the need for trusting the human operators.

There is a historical precedent for this. In a previous era longshoremen who handled cargo at ports (outsourced storage and compute) had a series of certifications on their security that were manually audited by government officials. Eventually, containerization and automation of ports made those certifications irrelevant, solving the problem using technology and dramatically increasing the amount and speed of international trade.

As Jason Hoffman, CTO of Joyent, (a competitor of Amazon Web Services), likes to point out: "data centers are the digital ports of the 21st century, the bit is the new economic good, measured in bytes and contained in packets, words and blocks."

The analogy is striking and it is likely that technology will again solve the problems that currently hinder adoption of the cloud by enterprises.

Each pillar of the CIA triad of data security - confidentiality, integrity and availability - is currently experiencing tremendous innovation, easing and accelerating adoption.

Availability is the easiest to understand: how a public cloud model can deliver better performance over enterprises owning their own data centers. Consider how the earthquake and subsequent tsunami in Japan made the banking community realize that having a main data center in Tokyo with a backup in Yokohama, just 50km away, wasn't such a smart idea. Contrast that with the latest object-store solutions that provide multi-continent, multi data-center storage redundancy and availability. An example is Joyent's Global Compute Network, a global alliance of telecommunication providers offering cloud services allowing end users to migrate their data and applications to multiple locations around the world with nothing more than a mouse click.

Integrity, possibly the least understood of the security triad, is keyless signature infrastructure (KSI), which provides digital signatures for data on a massive scale. Keyless means that the integrity of the data can be verified without reliance on cryptographic keys, removing the need to have a trusted human anywhere in the verification chain. Banks such as SEB, ecommerce providers such as Rakuten, and governments globally such as China and Estonia are integrating KSI deeply into their data centers, ensuring that every system event and object modification is linked together in a causal chain, the proof of integrity of which is independently verifiable by users, regulators or auditors. Regulatory compliance requires enterprises to prove the integrity of their archived data, spending as much as $10,000 per TB for hardware-based solutions. Now this can be done in software in a public cloud at a small fraction of the price.

Confidentiality is possibly the biggest concern for enterprises to adopt a fully public cloud model. Yet here too there is tremendous innovation. Since IBM's Craig Gentry announced his Fully Homomorphic Encryption (FHE) scheme there has been intense research in the academic community to build something practical. FHE implies that you can store encrypted data in the cloud but still run applications on that encrypted data, decrypting the result locally only when an authenticated end user needs to view it, thereby removing any possibility of the cloud operator or outside attacker breaching the confidentiality of the data. Recent results by cryptographers Brakerski and Vercauteren indicate that practical implementations of FHE may be on the horizon.

Subsets of FHE such as functional encryption or searchable encryption can achieve the same result for specified use cases. As a simple example of this technology, imagine if you encrypted a search term say "Britney Spears" and entered the encrypted result into a search engine. The results you get back would be gibberish until you decrypt them, giving you the latest gossip on Britney without anyone having any knowledge of what you searched for.

Encrypted search of course requires a lot more computational power, which is great news for companies like Intel but also for the service providers that can offer a premium service with encryption enabled applications.

I recently had the opportunity to read George Dyson's history of computing, "Turing's Cathedral," where he traces the digital universe to a nucleus of 32-by-32-by-40 bit matrix of high-speed random access memory built in 1953. Since then there has been wave after wave of innovation and while cloud computing represents the next wave, the impact for the enterprise may be the most profound.

We are witnessing the large-scale industrialization of the data center, owned and operated by the ICT operators who specialize in that task, with security technologies in the hands of the end user to remove any need to trust their human operators. Driven by competitive forces this will lead to a level of service and security vastly superior to what they can be achieved in-house, allowing enterprise IT budgets to be slashed yet providing on-demand the latest software applications.

It will take time for regulators to be convinced, but eventually it will be become obvious that the technologies described above will enable regulated businesses to be more reliable, more secure than before and the barriers to cloud adoption will be eased. The inevitable conclusion will be an enterprise IT model with zero assets in-house and a massive expansion of business for ICT operators who are operating the data centers and providing indemnification against any business loss.

That time might be closer than you think.

More Stories By Mike Gault

Mike Gault is CEO of Guardtime, the developer of Keyless Signatures that algorithmically prove the time, origin and integrity of electronic data. He started his career conducting research in Japan on the computer simulation of quantum effect transistors. He then spent 10 years doing quantitative financial modeling and trading financial derivatives at Credit Suisse and Barclays Capital. Mike received a Ph.D. in Electronic Engineering from the University of Wales and an MBA from the Kellogg-HKUST Executive MBA Program.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
With several hundred implementations of IoT-enabled solutions in the past 12 months alone, this session will focus on experience over the art of the possible. Many can only imagine the most advanced telematics platform ever deployed, supporting millions of customers, producing tens of thousands events or GBs per trip, and hundreds of TBs per month. With the ability to support a billion sensor events per second, over 30PB of warm data for analytics, and hundreds of PBs for an data analytics archive, in his session at @ThingsExpo, Jim Kaskade, Vice President and General Manager, Big Data & Ana...
In the consumer IoT, everything is new, and the IT world of bits and bytes holds sway. But industrial and commercial realms encompass operational technology (OT) that has been around for 25 or 50 years. This grittier, pre-IP, more hands-on world has much to gain from Industrial IoT (IIoT) applications and principles. But adding sensors and wireless connectivity won’t work in environments that demand unwavering reliability and performance. In his session at @ThingsExpo, Ron Sege, CEO of Echelon, will discuss how as enterprise IT embraces other IoT-related technology trends, enterprises with i...
When it comes to the Internet of Things, hooking up will get you only so far. If you want customers to commit, you need to go beyond simply connecting products. You need to use the devices themselves to transform how you engage with every customer and how you manage the entire product lifecycle. In his session at @ThingsExpo, Sean Lorenz, Technical Product Manager for Xively at LogMeIn, will show how “product relationship management” can help you leverage your connected devices and the data they generate about customer usage and product performance to deliver extremely compelling and reliabl...
The Internet of Things (IoT) is causing data centers to become radically decentralized and atomized within a new paradigm known as “fog computing.” To support IoT applications, such as connected cars and smart grids, data centers' core functions will be decentralized out to the network's edges and endpoints (aka “fogs”). As this trend takes hold, Big Data analytics platforms will focus on high-volume log analysis (aka “logs”) and rely heavily on cognitive-computing algorithms (aka “cogs”) to make sense of it all.
One of the biggest impacts of the Internet of Things is and will continue to be on data; specifically data volume, management and usage. Companies are scrambling to adapt to this new and unpredictable data reality with legacy infrastructure that cannot handle the speed and volume of data. In his session at @ThingsExpo, Don DeLoach, CEO and president of Infobright, will discuss how companies need to rethink their data infrastructure to participate in the IoT, including: Data storage: Understanding the kinds of data: structured, unstructured, big/small? Analytics: What kinds and how responsiv...
The Workspace-as-a-Service (WaaS) market will grow to $6.4B by 2018. In his session at 16th Cloud Expo, Seth Bostock, CEO of IndependenceIT, will begin by walking the audience through the evolution of Workspace as-a-Service, where it is now vs. where it going. To look beyond the desktop we must understand exactly what WaaS is, who the users are, and where it is going in the future. IT departments, ISVs and service providers must look to workflow and automation capabilities to adapt to growing demand and the rapidly changing workspace model.
Sensor-enabled things are becoming more commonplace, precursors to a larger and more complex framework that most consider the ultimate promise of the IoT: things connecting, interacting, sharing, storing, and over time perhaps learning and predicting based on habits, behaviors, location, preferences, purchases and more. In his session at @ThingsExpo, Tom Wesselman, Director of Communications Ecosystem Architecture at Plantronics, will examine the still nascent IoT as it is coalescing, including what it is today, what it might ultimately be, the role of wearable tech, and technology gaps stil...
The Internet of Things (IoT) promises to evolve the way the world does business; however, understanding how to apply it to your company can be a mystery. Most people struggle with understanding the potential business uses or tend to get caught up in the technology, resulting in solutions that fail to meet even minimum business goals. In his session at @ThingsExpo, Jesse Shiah, CEO / President / Co-Founder of AgilePoint Inc., showed what is needed to leverage the IoT to transform your business. He discussed opportunities and challenges ahead for the IoT from a market and technical point of vie...
Hadoop as a Service (as offered by handful of niche vendors now) is a cloud computing solution that makes medium and large-scale data processing accessible, easy, fast and inexpensive. In his session at Big Data Expo, Kumar Ramamurthy, Vice President and Chief Technologist, EIM & Big Data, at Virtusa, will discuss how this is achieved by eliminating the operational challenges of running Hadoop, so one can focus on business growth. The fragmented Hadoop distribution world and various PaaS solutions that provide a Hadoop flavor either make choices for customers very flexible in the name of opti...
The true value of the Internet of Things (IoT) lies not just in the data, but through the services that protect the data, perform the analysis and present findings in a usable way. With many IoT elements rooted in traditional IT components, Big Data and IoT isn’t just a play for enterprise. In fact, the IoT presents SMBs with the prospect of launching entirely new activities and exploring innovative areas. CompTIA research identifies several areas where IoT is expected to have the greatest impact.
Advanced Persistent Threats (APTs) are increasing at an unprecedented rate. The threat landscape of today is drastically different than just a few years ago. Attacks are much more organized and sophisticated. They are harder to detect and even harder to anticipate. In the foreseeable future it's going to get a whole lot harder. Everything you know today will change. Keeping up with this changing landscape is already a daunting task. Your organization needs to use the latest tools, methods and expertise to guard against those threats. But will that be enough? In the foreseeable future attacks w...
Disruptive macro trends in technology are impacting and dramatically changing the "art of the possible" relative to supply chain management practices through the innovative use of IoT, cloud, machine learning and Big Data to enable connected ecosystems of engagement. Enterprise informatics can now move beyond point solutions that merely monitor the past and implement integrated enterprise fabrics that enable end-to-end supply chain visibility to improve customer service delivery and optimize supplier management. Learn about enterprise architecture strategies for designing connected systems tha...
Wearable devices have come of age. The primary applications of wearables so far have been "the Quantified Self" or the tracking of one's fitness and health status. We propose the evolution of wearables into social and emotional communication devices. Our BE(tm) sensor uses light to visualize the skin conductance response. Our sensors are very inexpensive and can be massively distributed to audiences or groups of any size, in order to gauge reactions to performances, video, or any kind of presentation. In her session at @ThingsExpo, Jocelyn Scheirer, CEO & Founder of Bionolux, will discuss ho...
Even as cloud and managed services grow increasingly central to business strategy and performance, challenges remain. The biggest sticking point for companies seeking to capitalize on the cloud is data security. Keeping data safe is an issue in any computing environment, and it has been a focus since the earliest days of the cloud revolution. Understandably so: a lot can go wrong when you allow valuable information to live outside the firewall. Recent revelations about government snooping, along with a steady stream of well-publicized data breaches, only add to the uncertainty
SYS-CON Events announced today that Dyn, the worldwide leader in Internet Performance, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. Through a world-class network and unrivaled, objective intelligence into Internet conditions, Dyn ensures traffic gets delivered faster, safer, and more reliably than ever.
As organizations shift toward IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection &E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 16th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships, will discuss how to cut costs, scale easily, and unleash insight with CommVault Simpana software, the only si...
Cloud data governance was previously an avoided function when cloud deployments were relatively small. With the rapid adoption in public cloud – both rogue and sanctioned, it’s not uncommon to find regulated data dumped into public cloud and unprotected. This is why enterprises and cloud providers alike need to embrace a cloud data governance function and map policies, processes and technology controls accordingly. In her session at 15th Cloud Expo, Evelyn de Souza, Data Privacy and Compliance Strategy Leader at Cisco Systems, will focus on how to set up a cloud data governance program and s...
Roberto Medrano, Executive Vice President at SOA Software, had reached 30,000 page views on his home page - http://RobertoMedrano.SYS-CON.com/ - on the SYS-CON family of online magazines, which includes Cloud Computing Journal, Internet of Things Journal, Big Data Journal, and SOA World Magazine. He is a recognized executive in the information technology fields of SOA, internet security, governance, and compliance. He has extensive experience with both start-ups and large companies, having been involved at the beginning of four IT industries: EDA, Open Systems, Computer Security and now SOA.
The industrial software market has treated data with the mentality of “collect everything now, worry about how to use it later.” We now find ourselves buried in data, with the pervasive connectivity of the (Industrial) Internet of Things only piling on more numbers. There’s too much data and not enough information. In his session at @ThingsExpo, Bob Gates, Global Marketing Director, GE’s Intelligent Platforms business, to discuss how realizing the power of IoT, software developers are now focused on understanding how industrial data can create intelligence for industrial operations. Imagine ...
Operational Hadoop and the Lambda Architecture for Streaming Data Apache Hadoop is emerging as a distributed platform for handling large and fast incoming streams of data. Predictive maintenance, supply chain optimization, and Internet-of-Things analysis are examples where Hadoop provides the scalable storage, processing, and analytics platform to gain meaningful insights from granular data that is typically only valuable from a large-scale, aggregate view. One architecture useful for capturing and analyzing streaming data is the Lambda Architecture, representing a model of how to analyze rea...