Building a Secure Cloud without Undue Points of Control

In 2010, cloud provider Amazon.com elected to shut down its hosted version of the WikiLeaks website. Amazon, like many such vendors, offers hosting to all comers but under terms of service that give it broad latitude in deciding ultimately whom to serve. Given the public controversy over WikiLeaks, Amazon’s action crystallized something already known about cloud computing: when one’s data or software is hosted far away and under the care of a third party, there are new risks and complications that can offset the ways such hosting can make life simpler and safer.

Some of these risks can be managed: businesses can shop carefully for an enterprise-level cloud provider, and pay more for those that can persuasively claim more reliable service, or for contracts that penalize unanticipated or unjustified takedowns or interruptions. (For consumers, who plan and bargain less, the equation can be particularly dangerous: a lifetime’s worth of e-mail or photos, or a social network comprising hundreds or thousands of hard-won relationships, can have its rules changed, or even evaporate, in an instant.)  However, not all risks can be easily mitigated. For example, network trouble or government-mandated filtering can come between a business and its cloud processes. And, as events in Egypt and Libya demonstrated, there are occasions in which an entire nation’s Internet access can be threatened. The solution is not likely to involve retreat to one’s own basement servers. Basements aren’t fail-safe either, and another marker thrown down by the WikiLeaks episode is the prevalence and power of denial of service attacks: all but the most bunkerized homes for data and code are vulnerable to compromise or attack.

We do not want to see the move to cloud computing, which can offer so many  benefits, slowed if the fears brought into focus by the WikiLeaks episode remain unaddressed. Yet we also do not want to find ourselves continuing a march to cloud computing that entails clustering under only a handful of powerful umbrella service providers, leading to limited competition and a handful of points of control.

Solutions may lie not as much in centralization as in its opposite: creating protocols and processes by which data is voluntarily mirrored among otherwise-independent sites. Then if one is disrupted, other copies remain. And at the network’s physical layer, we may see projects such as mesh networking -- creating connectivity without relying upon Internet service providers -- move from the interesting to the downright vital. While the approaches and examples can vary, answers to these very new problems may be inspired from the oldest of human instincts and political

organization: mutual aid.

As cloud computing accelerates, our creativity and sociability will be tested as we seek to realize its gains without

creating undue vulnerability

By Jonathan L. Zittrain, Professor of Law and Professor of Computer Science at Harvard University and

Member of the Project Working Group

photo credit: IvanWalsh.com via photopin cc