Potential Future of Cloud Security
Presence of Cloud Security
The application of cloud computing is ubiquitous since 2008 and the industry has experienced a fast growth with exceeding performance. The future of cloud will put emphasis on flexibility of solutions where customers could use hybrid IT solution that balances scalability and flexibility of cloud as well as the security of a private servers.
Cloud introduces security concerns as data breaches are getting more popular with the rise of cloud adoptions. The Cloud Security Alliance (CSA) details some major threats to cloud security. One of the major threats is of course data breaches where companies could face criminal charges. There have been multiple measures to tackle with the situation such as multifactor authentication processes, but it comes with vulnerability of misallocation of permission to data within the organization. Another common method is implement proper training, but some data breaches are usually caused by unintentional accidents, which takes time to instil proper knowledge on management of data, thus making it a long-term approach. These seems to be the only cards on our hands when it comes to improving cloud security. What else can we do?
Can blockchain technology be a viable solution for cloud security?
Compliance with law and putting trusting on business processes to an outsourced vendor who has limited accountability seems to be an headache for cloud customers.
Blockchain runs on a public ledger recording transactions and no centralized authority that is responsible for saying what is true or what is false, rather multiple distributed parties come to consensus, that consensus is entered the ledger which thereafter can be accessed by anyone in the future. It is computationally infeasible for a single actor (or anything less that majority consensus) to go back and modify history.
How can blockchain technology be used in cloud. Unlike a direct linkage between cloud servers and users, cloud can be somehow like a virtual logistics platform where data is transferred into cloud, and it will go through processing, and then its transferred further to users for their own desired purposes.
Every single bit of data involved in transfer, process, or storage of data is input into the blockchain. The tracking of data transportation, people who accessed or altered with the data is now verifiable by parties who has access to the blockchain. The blockchain could also freeze the platform whenever necessary in which users can verify the platform. The system that cloud providers can create makes cloud data traceable, so that stakeholders of cloud can be held accountability and responsibility for their actions on cloud platform, and law regulators get to audit all processes and check the legitimacy of the actions on cloud online to satisfy regulatory purposes and even to prevent cyber-crimes.
There are infinite possibilities to build something new from old or existing technology, and blockchain plus cloud combination is a paragon of it. Though the feasibility of such a complex technological platform/product is low due to technological limitation (hardware limitations for network speed and storage size) or regulatory compatibility (many regions still see blockchain as illegal platform), I still see positive prospects of such directions where future technological development is heading.
[1] https://www.futureofeverything.io/future-of-cloud-computing/
[2] https://www.information-age.com/approach-cloud-computing-cyber-security-2018-123466624/
[3] https://www.computerweekly.com/feature/Blockchain-and-the-promise-of-cooperative-cloud-storage
One comment on “Potential Future of Cloud Security”
Comments are closed.
Your article gives a very good overview of how blockchain technology could further increase the security of cloud solutions. Especially the concern about giving information third-party organizations could be solved this way. In your post, you pretty much focus on the theoretical idea behind introducing blockchain technology for purposes of cloud security. In my comment, I would like to focus on real-life examples: All of the big cloud providers have started to work on blockchain-related technology: So, your article is indeed very relevant!
As pointed out by Bloomberg, Google is, for instance, working on a Blockchain solution which enables clients to run blockchain applications on their own servers. (ZDNet, 2018a). The control over the data would be handed back to the client with an increased feeling of control. But it is not only Google working on such solutions. Only giving you a few examples, Microsoft, for instance, works on a Blockchain based authentication systems (ZDNet, 2018b), whereas AWS already offers a BaaS technology to let clients test blockchain without employing their own infrastructure (Computerworld, 2017). Reading through the literature, you will realize that all of those technologies are not yet ready to be applied as a holistic security solution. It shows that the companies are building the technology to realize what you have described. However, another question might be whether companies want to lose centralized control over the data stored in their cloud and whether this would be legally allowed. What do you think?
Sources:
Computerworld (2017). Blockchain-as-a-service allows enterprises test distributed ledger technology; accessed from: https://www.computerworld.com/article/3237465/enterprise-applications/blockchain-as-a-service-allows-enterprises-test-distributed-ledger-technology.html; 15th July 2018
ZDNet (2018a). Google is experimenting with blockchain technology for use in the cloud: report; accessed from: https://www.zdnet.com/article/google-is-experimenting-with-blockchain-services-report/; 15th July 2018
ZDNet(2018b). Microsoft: We’re developing blockchain ID system starting with our Authenticator app; accessed from: https://www.zdnet.com/article/microsoft-were-developing-blockchain-id-system-starting-with-our-authenticator-app/; 15th July 2018