Entries in Cloud Storage (2)

Wednesday
Aug 07, 2013

Hardware Solution for Cloud Data Security? Ascend

This may, in the long term, represent one way in which security for cloud-resident data-at-rest becomes manageable and cost-efficient.

Hardware Trick Could Keep Cloud Data Safe - IEEE Spectrum:

Dubbed Ascend, the component hides the way CPUs request information in cloud servers, making it immensely difficult for attackers to glean information about the data stored there. Such a hardware-reliant scheme is an unusual proposition in the realm of cloud security, which is dominated by software solutions.
The researchers assume that sensitive data on cloud servers is already encrypted—typically the first line of defense when it comes to data security. Ascend goes a step further, its designers say, by dealing with sneak attacks that can happen through various so-called side channels. In a side-channel attack, an observer measures things like computation time, memory traffic, and power consumption to infer the behavior of a program running on that hardware, and from that the watcher can glean some information.

 

Monday
Dec 03, 2012

AWS re:Invents Workflow and Hybrid Storage

While the news about AWS Redshift had the 'drama' and novelty, it implies an attention to enterprise customer requirements that is ALSO found in an important, but less heralded, service and a ground-breaking partnership.

Data Pipeline: A workflow service with which users can create a variety of reasonably straightforward data processing workflows; all of the major AWS services and their 'manageable' objects can now be included in a workflow. While it won't be the tool of choice for the expert DBA, it will be appropriate for the work-group user who signs up to use AWS rather than the Corporate IT resource. Over time, this will become more sophisticated.

NetApp Private Storage for AWS: This 'joint infrastructure' offering allows customers to utilize both private and public cloud resources, and is one of the only services I have seen that builds on the AWS Direct Connect capabilities announced last year. This starts to address a set of requirements that have been called out by enterprise IT related to safe and performant data storage (and data transport) from on-premises data center to managed data center to AWS. It begins to take into account the data residency and data privacy issues about which enterprise IT has been most vocal.

That said, just as important as the AWS private storage service is the way in which AWS must now address the issues of contractual responsibility and liability for AWS data 'stewardship.' Similarly, AWS owes 'the enterprise' some clarity about the respective contractual responsibilities of AWS and its enterprise customers when using AWS' multi-tenant resources. When these issues are addressed to the satisfaction of enterprise IT hard-cases, the compliance auditors, and PII regulators, the resulting explosion of cloud usage in hybrid environments by enterprise customers will dwarf the last two years' growth of AWS… and that's saying something.