
Cloud Computing: Securing the Cloud

I wrote my own S3 client which uses strong encryption on the I/O stream as it leaves my computer

Jonathan Craven's Blog


I have already written about how I have enthusiastically adopted Amazon S3 as a solution for off-site backups, and for publishing heavier content than my home server could handle, such as video. The other day one of the hosts of Buzz Out Loud mentioned that he didn't trust his personal data in the cloud just yet. He could see that it was the way of the future, but was not yet comfortable with the trust issues. Then this week John C. Dvorak echoed the same concerns on TWiT.

They are right of course, and I don't trust Amazon with my personal data either. I have a lot of personal data to back up, such as every e-mail I wrote or received from 1998 to around 2005 (I've let GMail handle it since then, where I technically ought to back it up via POP, but haven't...), not to mention other personal identifying data that I would not want in the wrong hands. It is not a question of trusting Amazon to abide by the terms of service—I do trust them as a company, but no company can be immune from a rogue employee or corporate espionage, and it is not easy to trust their security procedures unless you can audit them yourself at whim, which is a practical impossibility.

My solution to this problem is one that your average user, even a geek like Tom Merritt, probably can't do: I wrote my own S3 client which uses strong encryption on the I/O stream as it leaves my computer. Amazon thus stores for me a few gigabytes of what is literally useless ones and zeroes, but when I download it with my special client it is decrypted on the fly back into the original file. Such a solution requires not only the knowledge of how to code one's own S3 client, but also enough knowledge of cryptography and computer security to know whether a solution is really secure, or whether it could be cracked by those with enough resources. I'm fortunate to be in a position to do this by myself.
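The post does not describe how the author's client encrypts the stream, so the following is an added sketch, not the author's code: it encrypts an I/O stream in fixed-size frames before upload and, on download, rejects objects that were modified, reordered or cut short. The choice of AES-256-GCM, the frame layout, and the names `encrypt_stream`, `decrypt_stream`, `frame_cipher` and `Tampered` are all assumptions made for this example.

```ruby
require 'openssl'

CHUNK = 64 * 1024 # plaintext bytes per sealed frame
TAG = 16          # GCM tag bytes
class Tampered < StandardError; end

# AES-256-GCM for one frame. Nonce = 8 random bytes per object + 4-byte frame
# counter; the last-frame flag is authenticated as associated data.
def frame_cipher(key, nonce, flag, tag = nil)
  c = OpenSSL::Cipher.new('aes-256-gcm')
  tag ? c.decrypt : c.encrypt
  c.key = key
  c.iv = nonce
  c.auth_tag = tag if tag # on decrypt the tag is set before the associated data
  c.auth_data = flag
  c
end

def encrypt_stream(key, src, dst)
  dst.write(prefix = OpenSSL::Random.random_bytes(8))
  chunk = src.read(CHUNK) || ''.b
  0.upto(0xFFFFFFFF) do |ctr|
    nxt = src.read(CHUNK) # look ahead: nil means `chunk` is the last frame
    flag = nxt ? "\x00".b : "\x01".b
    c = frame_cipher(key, prefix + [ctr].pack('N'), flag)
    body = (chunk.empty? ? ''.b : c.update(chunk)) + c.final
    dst.write(flag + body + c.auth_tag)
    return dst if nxt.nil?
    chunk = nxt
  end
  raise ArgumentError, 'object exceeds 2**32 frames'
end

def decrypt_stream(key, src, dst)
  prefix = src.read(8).to_s.b
  0.upto(0xFFFFFFFF) do |ctr|
    frame = src.read(1 + CHUNK + TAG).to_s.b # a short read is legal only for the last frame
    raise Tampered, 'truncated object' if prefix.bytesize < 8 || frame.bytesize < 1 + TAG
    flag, body, tag = frame[0], frame[1...-TAG], frame[-TAG, TAG]
    c = frame_cipher(key, prefix + [ctr].pack('N'), flag, tag)
    begin
      dst.write((body.empty? ? ''.b : c.update(body)) + c.final) # final verifies the tag
    rescue OpenSSL::Cipher::CipherError
      raise Tampered, "frame #{ctr} failed authentication"
    end
    return dst if flag == "\x01".b
  end
end
```

Frames are released to `dst` as soon as each one authenticates, so when `Tampered` is raised partway through a download the caller should discard whatever was already written.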

I'm sure that at some point there will be, and maybe there already is, a client program you can download to do this for you, where you set your own key phrase. But unless you audit the entire source code of that program, you can't be sure that it isn't sending your key out to some third party. An open source solution would allow you to check this, but frankly the time it would take to audit all the code would be longer than the time it takes to write your own (at least it was in my case). But in the absence of a widely audited and popularly acknowledged open source way of encrypting the stream before it leaves your computer, we'll never get beyond the issue of trusting the company you're giving your data to.

(The only problem, now, is keeping my source code to my client and my key file safe, since if I lose those I would be left unable to download my own backups!*)

* Don't worry, I have worked out a solution for this, but I'm not going to post it here!

 

More Stories By Jonathan Craven

Jonathan Craven is an American software engineer currently living and working in northern France.
