Archive

Posts Tagged ‘Cloud’

It’s all IP in the Cloud

March 31, 2011 Leave a comment

All the hype surrounding Cloud computing, coupled with the mandatory cautionary tales around security and control, or the lack thereof, makes it is easy to overlook a small but significant component of the cloud proposition i.e.: Who owns what Intellectual Property in the Cloud?

If we take as an example, a simple cloud-based application or service, (i.e. one that is developed, hosted and operated in the Cloud), which enable users to create mash-ups of information and content derived from other cloud services and web applications, and which may be physically located in various other parts of the world (remember this is Cloud we’re talking about), who should be held responsible for any infringement of confidentiality or Intellectual Property such as: copyright, trade secrets, designs or patents, in such an environment?

The elephant-in-the-room answer to that question is how to go about establishing the correct chain or web of responsibility – Ergo:

  • Is it the cloud service provider, (with their hermetically sealed and caveated contracts)?
  • Is it the cloud-based service operator (again with their watertight EULAs)?
  • is it, as often tends to be the case in these things, the hapless end-user / consumer who in effect has directly infringed someone’s IP by using that service in the first place (i.e. assuming they did not intend to infringe anything at all)?
  • Or is it all of the above?

The above scenario clearly speaks to the heart of the matter with IP in the Cloud; i.e. there is an alarming lack of transparency with respect to data, information, content and their different usage and ownership models in the Cloud context. Furthermore, when one adds in other constraints (e.g. annoyingly out-of-step, geo-political territorial restrictions on mobility) to such innovative Cloud based services as Amazon’s Cloud Drive , one could easily end up with a truly formidable challenge that defies any simple or simplistic resolution scenarios.

An army of lawyers, (even ones improbably well versed in computer technology and programming), could not hope to decipher such puzzles in a month of Sundays. So where does that leave us? Luckily nowhere too nasty yet, as sparse incidents of cloud related IP infringement cases can attest. Fortunately, the seeds of potential solutions may be found in the foresight of initiatives like Free and Open Source Software, with their liberal licenses, or the Creative Commons which provide appropriate interfaces for human, machine and the legal systems to use and re-use digital content legally (See my separate blog article for more information about the Creative Commons).

In conclusion, at this point in time a lot of attention is being paid to such cloudy issues as: Cloud security, data access and controls, as well as service assurance and business continuity; but once these are resolved and have become Business-as-Usual, the lack of clarity around IP in the Cloud may surface to negative effect. The time is right for all stakeholders (i.e.:  Cloud service providers and operators; business and consumer end-users; Policy makers) and their trusted advisers to start thinking about addressing and influencing the potential outcome of a major IP meltdown in the Cloud.

There’ll yet be music in the skies!

December 23, 2010 2 comments

It’s been a long time coming, and probably still a long way to go, but the vision of a celestial jukebox for music “anywhere, anytime and on any device”, is creeping ever closer to becoming reality. A couple of interesting, if unrelated, developments provide support for my optimism.

Ok, first of all, the means to access music, anywhere, anytime and on any device is already available (and it’s called the Internet). Thanks to file-sharing, P2P, Torrent and streaming technologies, anyone with a decent connection can do just that. However, it is not always legal, nor in the best interests of creative industries and their artistes. Therefore, the solution must be to find a legal way to harness that capability, right? The answer is yes, but the challenges are enormous for any one entity to bear alone. Imagine a target scenario whereby anyone can identify, acquire and play any song wherever, whenever and on whatever device they chose. For example, won’t it be great, if/when you hear a new song you like on the radio, TV, or anywhere else, you could seamlessly add it to your collection, or playlist, for immediate listening or later reference.

Well a colleague suggested that such identify-and-acquire services already exist with the likes of Shazam, but such services don’t deliver a truly seamless experience for many reasons e.g.:

  1. the user has to know to go to Shazam, or some other such service,
  2. she’ll need an account on iTunes or similar in order to purchase that track, and finally,
  3. She must have an appropriate device with which to play it.

Oh, and heaven help her if there are legal restrictions on that purchase, e.g. if she happens to be in a region or territory where that song is not licensed, for whatever reason. See the pattern?

There are simply too many hurdles to jump in order to satisfy an immediate desire or impulse purchase. To my mind, instant gratification is not unreasonable given that the tools with which to make it happen are already available. The following are some key pieces of the jigsaw which might just help address such a challenging picture:

1. Music in the Cloud – There already exist various services / providers like Spotify, Pandora (i.e. streaming); Omnifone, Nokia (i.e. mobile); as well as rumoured propositions from high tech players like Google and Apple. However, it’s always been a challenge to negotiate with music labels, so when a newly launched service claims to allow users to upload their music to the cloud with access any place / time / device, one starts to wonder how long it will take for the law suites to start happening.

2. Global Repertoire Database (GRD) – The GRD is a major initiative to create a single, unified database of musical works that will facilitate music licensing right across the globe. It was launched by an eponymous working group of key industry players including music publishers (i.e. EMI and Universal); collecting societies (i.e. PRS for Music, STIM and SACEM); and major digital / mobile players (i.e. Amazon, iTunes and Nokia). More information on GRD can be found at: http://globalrepertoiredatabase.com/faq.html.  So how does GRD help make the celestial jukebox a reality? Why, by reducing the burden of cross border licensing (i.e. tracking and sharing music royalties and revenue across various territories and regions) which is currently a major headache for the industry.

3. Music Ubiquity – This is the theme for next month’s MidemNet conference, and which hopefully means that we’ll all be singing from the same hymn sheet, at long last, (assuming the twin devils of profit margins and competitive advantage do not get in the way as always). With the appropriate technology available, it has become even more urgent for commercial and legislative stakeholders to deliver the primary desire, of both artistes and consumers, for easier access to music anytime, anywhere and on any device.

Have a wonderful holiday / festive period, and here’s looking forward to an even more productive and progressive 2011!

IT Security is Hot & Cloudy!

September 17, 2010 2 comments

Wednesday’s BCS event on IT security certainly made that point on many different levels. If I was a betting man, I’d wager that the IT security industry is on the brink of a major revolution, on the back of that vague and fluffy thing called the Cloud.

Case in point, my question of how many people in the audience actively use the Cloud saw only a pitiful couple of hands raised. However when put in another way, by one of the presenters, i.e. how many people used Android phones for example; a few other hands went up along with looks of dawning comprehension. The Cloud rightfully exists behind the scenes, powering various services that are often taken for granted by the consumer, and the Android example simply confirms that in spite of all the buzz, your common, garden variety, consumer has little understanding or interest in this techie catnip known as cloud computing. And who can blame her, after all was it not the same geeky fads that brought us other similar buzzwords as: Application Service Provider (or ASP), Grid computing, and heck even Web 2.0?

But I digress, what’s this got to do with IT Security you ask? The answer is very simple, if the Cloud is really a behind-the-scenes enabler, then Cloud security should also be behind the scenes; but I get this uneasy feeling in the pit of my stomach (no, not from eating too many nibbles after the event), that it won’t be long before someone gets sued over some security breach emanating from the Cloud. How long before we get Cloud Compliance and Cloud Security Risk Assessment models, regulations and perhaps even some exotic insurance policy for Cloud based services? Furthermore, the Internet (and consequently the Cloud) is essentially borderless technology, which means that various national and international data governance regimes may have a thing or two to say about where data is stored – assuming it can be found in one place!

Finally, we also learnt that some clever Silicon Valley types are actively seeking ways to commoditize The Cloud, and Cloud based services, such that it can be traded as a financial instrument. Now where have we seen that one before – does Collateralized Debt Obligation ring a bell? Suffice it to say there’s a lot of food for thought when it comes to Cloud Security, and far better qualified people than I have pondered, spoken and written about it (e.g. see my  review of an excellent book about Cloud Security), so I shall just leave well enough alone.

Aside from the cloudy issue of cloud security (sic), the event provided many opportunities for attendees to hear and debate other key topics of interest in IT Security, and our four speakers did a great job of keeping people engaged throughout. More information, including presentation slides, can be found on the BCS NLB website.

Categories: BCS, Capgemini, Cloud, Security Tags: , ,