Archive

Archive for November, 2011

Content Security and the Cloud

November 30, 2011 Leave a comment

Following on from my previous post about storage in the cloud, the topic of content security, (aka how do you secure what is already stored in the cloud?), seemed like a natural next stop, hence this post. What does it take for content to be deemed secure in the cloud environment, and can it really be so?   

Many months ago, I reviewed a book (for the BCS, Chartered Institute for IT), which dealt with the topic of cloud security, and I recall that although the book’s titular topics of Cloud Security and Privacy was very apt, it did not take a lot of reading to get the gist that security touches every aspect of cloud, right from initial login to choice of service provider and beyond. You may be forgiven for thinking that once your content is deposited in a secure cloud location, e.g. in a highly redundant, uber-secure, private cloud provided by a certified defence contractor, then it must be secure right? Wrong.

The content, and not just the location, is what needs securing. The age old concept of perimeterised security, such as can be found within firewalls, does not apply well to distributed cloud services, hence the need for the actual stored material to have it’s own inherent security (be it encryption, obfuscation, DRM etc.). What really matters is how the material is protected from intentional or accidental leakage.

Several methods or techniques are in use today by cloud service providers to secure the content stored within their services, and just like most things in cloud, you may even get a choice of how locked down you want it to be. Again, I mean locked down as in the actual content, and not the cloud. One of the more promising systems, spearheaded by the video content industry (and Digital Entertainment Content Ecosystem), is the cloud based digital rights locker system known as Ultraviolet, which allows users to buy content once and allow playback across any supporting platform / device. More information about the alliance and partners can be found here.

The key challenge is typically around content usage, and perhaps more importantly, the users intent. The use of otherwise secured content once released / accessed can often introduce an element of risk of leakage which spans anything from intentional copy and distribute (e.g. via the so called analog hole), to accidental misuse or malicious hacking. The impact of content leakage in the cloud can be devastating for content industry players that rely on revenue from their content investments.

The next post on this series will be looking very closely at the challenges facing copyright in the context of the cloud, and I hope to be able to bring back some insight from the rather timely Copyright and Technology 2011 conference, which I am attending today.

Note: This post is brought to you in partnership with Intel(R) as part of the “Technology in tomorrow’s cloud & virtual desktop” series. For more information please click – HERE

Advertisements

Storage and the Cloud

November 18, 2011 2 comments

For this second post in the cloud series, I’d like to take a quick look at the challenges and opportunities around digital content storage in the cloud.

According to Cisco’s visual networking index, by 2015 “the equivalent of an archive of all movies ever made will cross Global IP networks every 4 minutes”, or to put it another way, Global IP traffic will quadruple from 2010 to 2015 with a compound annual growth rate of 32%. Oh, and by the way, over 60% of this traffic will be video! Now, that’s an awful lot of content which implies an increased need for storage, at one point or another in the content life cycle.

It doesn’t take a genius to see the potential for content storage on the cloud, and indeed so many examples already exist of cloud storage providers for both enterprise and consumer specific needs (e.g. think Amazon, Dropbox, or even Apple’s iCloud). So what’s the big deal? Well, according to a recent Storage Networking Industry Association (SNIA) Cloud Adoption Study, over half of enterprise respondents were planning to deploy cloud storage, and up to 60% planned to retain data anywhere between 5 – 20 years plus, on the cloud. This means the content stored on cloud is likely to increase exponentially over time, in light of the aforementioned growth in traffic.

Whilst these trends offer great opportunities, at least for cloud storage services and the content industry ecosystem, it also provides some key challenges to be addressed along the way, e.g. data storage and security, regulatory compliance and retention issues, as well as IP Rights management in a distributed, global digital landscape (the last will be subject of a separate post in this series).

In my opinion, one immediate issue for cloud storage will be how to interoperate, and easily migrate, stored data / content between cloud services. There is clear need for standards for cloud storage, and several initiatives, e.g. SNIA’s Cloud Storage Initiative (which introduced the Cloud Data Management Interface), and the Open Grid Forum’s Open Cloud Computing Interface are certainly steps in the right direction, because they help to specify the attributes, functions and requirements of data and content stored in the cloud. The key message for Enterprises looking to step into the cloud storage arena would be to ensure that their suppliers or vendors have adopted, or plan to adopt, a cloud storage standard early on in the selection process.

Note: This post is brought to you in partnership with Intel(R) as part of the “Technology in tomorrow’s cloud & virtual desktop” series. For more information please click – HERE