smart usage of cloud services 1

SMART USAGE OF CLOUD SERVICES 1

Christoph Hechenblaikner

Cloud Storage Services

CLOUD COMPUTING

CLOUD COMPUTING

• NIST:

• On demand self service

• Very broad network access

• Resource pooling / automation

• Rapid Elasticity

Christoph Hechenblaikner[1] http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf, (25.05.2013)

CLOUD COMPUTING

Christoph Hechenblaikner[2] http://www.idc.com/getdoc.jsp?containerId=prUS23684912#.UOiFdYnjlgw

• IDC CC-Forecast Nov 2012:

• 2016: $100 billion

• AGR: 26,4% (2012 - 2016)

• 2016: 41% of total IT growth

• 2015:1/7 of total IT investment

TOWARDS HEAVEN

Christoph Hechenblaikner[3] http://jameskaskade.com/?p=344(25.05.2013)

SaaS PaaS IaaS

Proprietary Mainframe MPP & SMP Grid Computing Commodity Clusters Virtualized

Clusters

XAAS


Applications

Data

Runtime

Middleware

OS

Virtualization

Hardware

Storage

Networking

Applications

Data

Runtime

Middleware

OS

Virtualization

Hardware

Storage

Networking

Applications

Data

Runtime

Middleware

OS

Virtualization

Hardware

Storage

Networking

SaaS

PaaS

IaaS

XAAS


End User

Developer

System Engineers Developers

user

valu

e

SaaS

PaaS

IaaS

CLOUD STORAGE


Plain Hosting, FTP-Servers, NAS, ...

Amazon S3, Joyent Storage, ...

Google Drive, Dropbox, ...SaaS

PaaS

IaaS

CLOUD STORAGE


• PaaS Features

• Unlimited, scaleable storage

• Encryption / Key Management

• Areal distribution / constraints

• Backups / Integrity / Archiving

CLOUD STORAGE


• SaaS Features

• Usability / Client Applications

• Versioning / Deduplication

• Security (Transport / Storage)

• Sharing / Social Integration

THE PRESENT

THE PRESENT


PaaS !

IaaSServer

ApplicationClient Application

Client-System

File-System

wwwLibrary

BUSINESS MODEL


• Free: (or low prize)

• Limited data volume

• Limited functionality

• Limited traffic

• Limited platforms

BUSINESS MODEL


• Premium: (or business)

• Large data volume

• Extended functionality (Groups, Encryption, ...)

• Extended backup / archiving / versioning

• Business Cloud (Isolation, ...)

PROBLEMS


• Multiple accounts / providers

• Multiple devices

• Diverse functionalities / file structures

• Different security / privacy policies

} Exclusive use

SECURITY CONSIDERATION


• iCloud:

• Secure Transport (HTTPS)

• Server-Side AES-128 (per file key)

• Their key !!

SECURITY CONSIDERATION


• Spideroak:

• Secure Transport (HTTPS)

• Client-Side AES-256

• Your key: Password derived (PBDF2, 16384 rounds, sha256, 32 byte salt)

ENHANCING SECURITY


• Problem:

• Server side encryption

• Provider owns keys

• Solutions:

• Software between Files and Service

• TrueCrypt, BoxCryptor, ...

BOXCRYPTOR


BoxCryptor Volume

Dropbox FolderBoxCryptor

Dropbox Service www

PROBLEMS


www

Dropbox

GDrive

DollyDrive

MANAGEMENT SYSTEMS

MANAGEMENT SYSTEMS

• Provide central interface / easy access

• Exchange between services

• Do not replace client-apps

• User manages files and distribution of files


MANAGEMENT SYSTEMS


Client-Browser /

Client-Application

Dropbox

GDrive

Sugar Sync

Box

Web-Management-

Service

CLOUDFUZE

Christoph Hechenblaiknerhttp://cloudfuze.com/

http://cloudfuze.com/

PRIMADESK

Christoph Hechenblaiknerwww.primadesk.com

http://www.primadesk.com

OTIXO

Christoph Hechenblaiknerhttp://otixo.com/

http://otixo.com/

CLOUDHQ

Christoph Hechenblaiknerhttps://www.cloudhq.net/

https://www.cloudhq.net/

SMART SYSTEMS

SMART SYSTEMS

• Manages all services

• User only manages files

• User defines constraints

• System manages accounts / distribution / security


SMART SYSTEMS


Not on the market!

CrossCloud

CROSSCLOUD


Dropbox

CrossCloud

Client-System

File-System

wwwUser

GDrive

SkyDrive

SugarSync

CROSSCLOUD


• Smart sync:

• Different services

• “Raid 0/1”, service constraints, ...

• Encryption:

• Client side / service independent

• Open source

THANK YOU!

smart usage of cloud services 1

Technology