Welcome!

@CloudExpo Authors: Liz McMillan, Pat Romanski, Mehdi Daoudi, Elizabeth White, Rene Buest

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Agile Computing, Cloud Security

@CloudExpo: Article

How the Cloud Will Displace Human Trust

We are witnessing the large-scale industrialization of the data center

We are witnessing the large-scale industrialization of the data center, owned and operated by the ICT operators who specialize in that task, with security technologies in the hands of the end user to remove any need to trust their human operators.

The traditional "protect the perimeter" model of enterprise data security, one where layers of security are added around enterprise data, access to which is limited to trusted insiders, clearly has challenges in a cloud computing model when outsiders (the folks running the cloud) have access to all your data and can monitor everything that you do in their environment.

The solution is not, as some would tell you in the security profession, better certification of cloud providers and external vetting of the human operators. Certification has a role but the ultimate answer will be the invention of technologies that completely remove the need for trusting the human operators.

There is a historical precedent for this. In a previous era longshoremen who handled cargo at ports (outsourced storage and compute) had a series of certifications on their security that were manually audited by government officials. Eventually, containerization and automation of ports made those certifications irrelevant, solving the problem using technology and dramatically increasing the amount and speed of international trade.

As Jason Hoffman, CTO of Joyent, (a competitor of Amazon Web Services), likes to point out: "data centers are the digital ports of the 21st century, the bit is the new economic good, measured in bytes and contained in packets, words and blocks."

The analogy is striking and it is likely that technology will again solve the problems that currently hinder adoption of the cloud by enterprises.

Each pillar of the CIA triad of data security - confidentiality, integrity and availability - is currently experiencing tremendous innovation, easing and accelerating adoption.

Availability is the easiest to understand: how a public cloud model can deliver better performance over enterprises owning their own data centers. Consider how the earthquake and subsequent tsunami in Japan made the banking community realize that having a main data center in Tokyo with a backup in Yokohama, just 50km away, wasn't such a smart idea. Contrast that with the latest object-store solutions that provide multi-continent, multi data-center storage redundancy and availability. An example is Joyent's Global Compute Network, a global alliance of telecommunication providers offering cloud services allowing end users to migrate their data and applications to multiple locations around the world with nothing more than a mouse click.

Integrity, possibly the least understood of the security triad, is keyless signature infrastructure (KSI), which provides digital signatures for data on a massive scale. Keyless means that the integrity of the data can be verified without reliance on cryptographic keys, removing the need to have a trusted human anywhere in the verification chain. Banks such as SEB, ecommerce providers such as Rakuten, and governments globally such as China and Estonia are integrating KSI deeply into their data centers, ensuring that every system event and object modification is linked together in a causal chain, the proof of integrity of which is independently verifiable by users, regulators or auditors. Regulatory compliance requires enterprises to prove the integrity of their archived data, spending as much as $10,000 per TB for hardware-based solutions. Now this can be done in software in a public cloud at a small fraction of the price.

Confidentiality is possibly the biggest concern for enterprises to adopt a fully public cloud model. Yet here too there is tremendous innovation. Since IBM's Craig Gentry announced his Fully Homomorphic Encryption (FHE) scheme there has been intense research in the academic community to build something practical. FHE implies that you can store encrypted data in the cloud but still run applications on that encrypted data, decrypting the result locally only when an authenticated end user needs to view it, thereby removing any possibility of the cloud operator or outside attacker breaching the confidentiality of the data. Recent results by cryptographers Brakerski and Vercauteren indicate that practical implementations of FHE may be on the horizon.

Subsets of FHE such as functional encryption or searchable encryption can achieve the same result for specified use cases. As a simple example of this technology, imagine if you encrypted a search term say "Britney Spears" and entered the encrypted result into a search engine. The results you get back would be gibberish until you decrypt them, giving you the latest gossip on Britney without anyone having any knowledge of what you searched for.

Encrypted search of course requires a lot more computational power, which is great news for companies like Intel but also for the service providers that can offer a premium service with encryption enabled applications.

I recently had the opportunity to read George Dyson's history of computing, "Turing's Cathedral," where he traces the digital universe to a nucleus of 32-by-32-by-40 bit matrix of high-speed random access memory built in 1953. Since then there has been wave after wave of innovation and while cloud computing represents the next wave, the impact for the enterprise may be the most profound.

We are witnessing the large-scale industrialization of the data center, owned and operated by the ICT operators who specialize in that task, with security technologies in the hands of the end user to remove any need to trust their human operators. Driven by competitive forces this will lead to a level of service and security vastly superior to what they can be achieved in-house, allowing enterprise IT budgets to be slashed yet providing on-demand the latest software applications.

It will take time for regulators to be convinced, but eventually it will be become obvious that the technologies described above will enable regulated businesses to be more reliable, more secure than before and the barriers to cloud adoption will be eased. The inevitable conclusion will be an enterprise IT model with zero assets in-house and a massive expansion of business for ICT operators who are operating the data centers and providing indemnification against any business loss.

That time might be closer than you think.

More Stories By Mike Gault

Mike Gault is CEO of Guardtime, the developer of Keyless Signatures that algorithmically prove the time, origin and integrity of electronic data. He started his career conducting research in Japan on the computer simulation of quantum effect transistors. He then spent 10 years doing quantitative financial modeling and trading financial derivatives at Credit Suisse and Barclays Capital. Mike received a Ph.D. in Electronic Engineering from the University of Wales and an MBA from the Kellogg-HKUST Executive MBA Program.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. Jack Norris reviews best practices to show how companies develop, deploy, and dynamically update these applications and how this data-first...
Intelligent Automation is now one of the key business imperatives for CIOs and CISOs impacting all areas of business today. In his session at 21st Cloud Expo, Brian Boeggeman, VP Alliances & Partnerships at Ayehu, will talk about how business value is created and delivered through intelligent automation to today’s enterprises. The open ecosystem platform approach toward Intelligent Automation that Ayehu delivers to the market is core to enabling the creation of the self-driving enterprise.
"We're here to tell the world about our cloud-scale infrastructure that we have at Juniper combined with the world-class security that we put into the cloud," explained Lisa Guess, VP of Systems Engineering at Juniper Networks, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
As more and more companies are making the shift from on-premises to public cloud, the standard approach to DevOps is evolving. From encryption, compliance and regulations like GDPR, security in the cloud has become a hot topic. Many DevOps-focused companies have hired dedicated staff to fulfill these requirements, often creating further siloes, complexity and cost. This session aims to highlight existing DevOps cultural approaches, tooling and how security can be wrapped in every facet of the bu...
Historically, some banking activities such as trading have been relying heavily on analytics and cutting edge algorithmic tools. The coming of age of powerful data analytics solutions combined with the development of intelligent algorithms have created new opportunities for financial institutions. In his session at 20th Cloud Expo, Sebastien Meunier, Head of Digital for North America at Chappuis Halder & Co., discussed how these tools can be leveraged to develop a lasting competitive advantage ...
Connecting to major cloud service providers is becoming central to doing business. But your cloud provider’s performance is only as good as your connectivity solution. Massive Networks will place you in the driver's seat by exposing how you can extend your LAN from any location to include any cloud platform through an advanced high-performance connection that is secure and dedicated to your business-critical data. In his session at 21st Cloud Expo, Paul Mako, CEO & CIO of Massive Networks, wil...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
The question before companies today is not whether to become intelligent, it’s a question of how and how fast. The key is to adopt and deploy an intelligent application strategy while simultaneously preparing to scale that intelligence. In her session at 21st Cloud Expo, Sangeeta Chakraborty, Chief Customer Officer at Ayasdi, will provide a tactical framework to become a truly intelligent enterprise, including how to identify the right applications for AI, how to build a Center of Excellence to ...
SYS-CON Events announced today that Massive Networks will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Massive Networks mission is simple. To help your business operate seamlessly with fast, reliable, and secure internet and network solutions. Improve your customer's experience with outstanding connections to your cloud.
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE). Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and...
SYS-CON Events announced today that CAST Software will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CAST was founded more than 25 years ago to make the invisible visible. Built around the idea that even the best analytics on the market still leave blind spots for technical teams looking to deliver better software and prevent outages, CAST provides the software intelligence that matter ...
Everything run by electricity will eventually be connected to the Internet. Get ahead of the Internet of Things revolution and join Akvelon expert and IoT industry leader, Sergey Grebnov, in his session at @ThingsExpo, for an educational dive into the world of managing your home, workplace and all the devices they contain with the power of machine-based AI and intelligent Bot services for a completely streamlined experience.
Because IoT devices are deployed in mission-critical environments more than ever before, it’s increasingly imperative they be truly smart. IoT sensors simply stockpiling data isn’t useful. IoT must be artificially and naturally intelligent in order to provide more value In his session at @ThingsExpo, John Crupi, Vice President and Engineering System Architect at Greenwave Systems, will discuss how IoT artificial intelligence (AI) can be carried out via edge analytics and machine learning techn...
SYS-CON Events announced today that Datera, that offers a radically new data management architecture, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Datera is transforming the traditional datacenter model through modern cloud simplicity. The technology industry is at another major inflection point. The rise of mobile, the Internet of Things, data storage and Big...
As businesses adopt functionalities in cloud computing, it’s imperative that IT operations consistently ensure cloud systems work correctly – all of the time, and to their best capabilities. In his session at @BigDataExpo, Bernd Harzog, CEO and founder of OpsDataStore, presented an industry answer to the common question, “Are you running IT operations as efficiently and as cost effectively as you need to?” He then expounded on the industry issues he frequently came up against as an analyst, and ...
FinTechs use the cloud to operate at the speed and scale of digital financial activity, but are often hindered by the complexity of managing security and compliance in the cloud. In his session at 20th Cloud Expo, Sesh Murthy, co-founder and CTO of Cloud Raxak, showed how proactive and automated cloud security enables FinTechs to leverage the cloud to achieve their business goals. Through business-driven cloud security, FinTechs can speed time-to-market, diminish risk and costs, maintain continu...
SYS-CON Events announced today that CA Technologies has been named "Platinum Sponsor" of SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business - from apparel to energy - is being rewritten by software. From planning to development to management to security, CA creates software that fuels transformation for companies in the applic...
SYS-CON Events announced today that Pulzze Systems will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Pulzze Systems Inc, provides the software product "The Interactor" that uniquely simplifies building IoT, Web and Smart Enterprise Solutions. It is a Silicon Valley startup funded by US government agencies, NSF and DHS to bring innovative solutions to market.