by Thomas Young, Partner & Managing Director, CIO Services - Infrastructure, TPI
The security of stored data is often cited as one of the key obstacles to organizations adopting Cloud Computing. To be sure, the risks are high if a company’s customer records are compromised as a result of being in an unsecure Cloud environment. That issue is enough to give even the most maverick CIOs pause as they consider their technology plans in the coming years.
However, if we look to other technologies that use public infrastructure, the solution for storing data in the Cloud may be right in front of us. The telecommunications industry has for years provided secure voice and data by encrypting communications and dividing them into multiple fragmented streams. The packets are sent on independent routes over unsecure public telephone networks and the Internet and then re-aggregated and decrypted in a secure environment. Something like secure à unsecure à secure.
All of this happens every time we log onto our brokerage accounts online and we never think twice about it. Why? Because if the packets were intercepted, they would have to be decrypted and re-aggregated for the voice or data stream to make sense. This is possible, but very difficult to do.
The same protocols can be used to store sensitive data in the Cloud. Data can be encrypted and divided at the bit-fragment level and stored in multiple, independent and diverse storage arrays. Each encrypted fragment reveals nothing if intercepted and meaningful information is only revealed if significant clusters of data are decrypted and re-aggregated. Theoretically possible, not likely.
In this architecture, aggregators sit between the application layer and the storage layer and act as an intermediary to the computing platforms that need the data, pushing and pulling these fragments. This is how Google search is architected. The data is read from storage, processed, and rewritten to storage, or something like this: secure à unsecure à secure. Just like in the telecommunications example, the unsecure segment is effectively secure because the data is fragmented and encrypted.
SNIA (www.snia.org) is working on standards to deploy this kind of technology so that data security will no longer be a barrier to cloud computing adoption. And in the future, when the auditors ask if your customer data is secure, you will be able to say, “Yes, it’s lost in the Cloud.”
I do not think that each student in whole world has got a passion of college essay creating! However, persons ,which do not know how to write should take a support of distinguished paper writing service and enjoy a success.
Posted by: Sophie35lR | February 19, 2010 at 01:32 AM
There is alot of thrashing in this space and it is hard to determine which Cloud to goto as everyone is doing something a little different – its hard to compare Cloud 2 Cloud. A similar diagnosis is by David Chappell:
"If I ruled the world”, says David Chappell, “I would make the phrase ‘private cloud’ illegal”. In conversation with David Gristwood, David Chappell, during his recent world tour, discusses the Cloud, its importance and role in the partner ecosystem, and cloud players, such as Google, Amazon, Salesforce.com, VMware and more. You can see his Cloud2Cloud comparison in brief here: http://www.youtube.com/watch?v=e7NHQdh8_uo
A more recent talk with David Chappell on this topic where he covers others issues such as:
- IaaS vs PaaS
- Private vs Public Cloud
- Applications that are not a great fit for the Cloud and those which are.
- The threat of Public Cloud to IT departments
see: http://channel9.msdn.com/posts/David+Gristwood/Conversations-with-David-Chappell-about-Windows-Azure-and-Cloud-Computing/
thoughts?
hope that helps,
-cn
Posted by: CloudNinja | June 24, 2010 at 06:54 PM