If you heard many of my conversations with people in ICT about cloud, you might find it hard to believe that we are, in fact, only at the very beginning of the cloud age, with all the uncertainties, complications, and opportunities that entails.

To dispel this mistaken idea, let’s take a look at a bit of history. It’s fairly obvious that, cloud age or not, there have always been three pillars of the ICT industry—network, compute, and data—and that we can basically explain every past or present industry trend in terms of the convergence of at least two of these pillars. Take the PC or smartphone: that’s network meets compute. The network-storage industry comes from mixing data and network. Big data is compute plus data, and so on.

Read my article in Ericsson Business Review titled: Head in the clouds: is the ICT industry fooling itself?

Network, compute, and data

Cloud is the ultimate convergence of these three pillars. It’s a complete systems approach to network, compute, and data under a single operational, automation, and governance domain. For the first time, server, storage, and network infrastructure is completely integrated, which means that simply thinking of cloud as a different delivery mechanism for software really understates its true significance.

Governance at heart of security questions

But it’s the governance domain that poses the most serious questions. Consider that the whole point of cloud is accessibility—unlike traditional IT and telecom systems, which can be compared to completely closed boxes with a cable going in one end and out the other, almost anybody can get inside a public cloud system and program against it. This makes clouds convenient and easy to use, but it also constitutes their major disadvantage. The classical security model is built on the exact opposite principle, namely strictly limited access, and that’s simply not an option anymore.

It’s hard to overestimate the scale of this challenge. In fact, the classical security model views a public cloud—with unknown numbers of unknown people running unknown applications with accessed hardware—as the very definition of a compromised system. The cloud requires us to start from the point at which this classical model breaks down and to assume not only that everything has been accessed, but that this has actually been done on purpose.

Finding a new model of data security

Finding a new model that guarantees the integrity and confidentiality of data in a system without secrets is an enormous task. There are some potential solutions under development. For example, several companies are working on approaches to data integrity based on keyless signatures and keyless encryption, and some of the most interesting research in this area focuses on homomorphic encryption, or trying to figure out how encrypted information can be accessed without decrypting it. Get this right, and there’s no need for a trust model at all, since there’s literally nothing that users have to trust their cloud providers to keep secret.

But if this sounds like a Herculean undertaking, that’s because it is. The industry is still a long way from cracking this particular nut, and the lack of robust governance and transparency remains both a top stumbling block to widespread enterprise adoption of the public cloud and the principal reason why cloud still represents such a low share of enterprise IT spend.


Jason Hoffman

Jason Hoffman is the Head of Product Area Cloud Systems at Ericsson. Previously he was the Head of Cloud Technologies, where he was responsible for product, architecture and engineering, and prior to that Head of Product Line, Ericsson Cloud System and Platforms in the former Business Unit Cloud and IP. Prior to that he was a founder and the CTO at Joyent, a pioneering high performance cloud IaaS and software provider, where he ran product, engineering, operations and commercial management for nearly a decade. He is considered to be one of the pioneers of large scale cloud computing, in particular the use of container technologies, asynchronous, high concurrency runtimes and converged server, storage and networking systems. Jason is also an angel investor, strategy and execution advisor, venture and private equity advisor and on the boards of the Wordpress Foundation and New Context, a Digital Garage company. Jason has a BS and MS from UCLA and a PhD from UCSD. He is a San Francisco native who now lives in Stockholm with his wife and daughters.
