Sunday, 2 September 2012

Potential giant leap forward for secure cloud storage

Storing your documents and data in the cloud has several significant benefits:
  • access and manage documents via a wide range of modern browsers
  • most cloud providers offers shared access, shared editing and version control as well
  • download and upload from any Internet-connected machine or device:
    • new devices have immediate access
    • old devices can be discarded safely
  • backup automatically managed by cloud provider
Set against these major features are the need for a constant Internet connection and bandwidth requirements which may be high if there is a high rate of document upload/download. These concerns are lessening over time and will be unlikely stumbling blocks for cloud storage adoption.

The one remaining concern is document security. While document transport can be secured it remains a trust relationship with the cloud storage provider that they will not read document contents, even when encrypted, and not disclose the document to authorities possibly sited overseas.

Fortunately a solution to secure cloud storage is in sight by way of federated cloud document architectures. Soon to launch in public beta in a few days comes LifeStuff offering "totally unlimited, totally secure and totally free cloud storage". When the LifeStuff software is installed on your device your documents are divided into segments, encrypted, and different segments stored in different parts of the cloud a multiple number of times to allow for failures. No one cloud site stores the complete document.

Whole documents are reconstituted from different cloud stores when needed. The cloud stores are free and unlimited because they exist on the local storage on other users' devices. Thus if you want 50 GB of cloud storage you must agree to store 50 GB of other users' document fragments on your device, and be connected to the Internet for access. Note the storage is 'free' but the bandwidth charges are not. Nevertheless the encrypted, federated nature of the cloud storage offers high security.

As outlined in a cloud breakthrough article Australia's own CSIRO ICT Centre has "developed a secure cloud system that breaks up files into segments, encrypts them and sends each segment to a different cloud provider. Using special software the user would still see and manipulate their files as a single entity, however, each provider received only part of the file in an unreadable, encrypted form".

So this solution uses existing cloud storage providers for the actual document storage. Most cloud providers allow a free service for up to about 25 GB storage. This federated solution thus maximises the use of free storage in the cloud. Users would sensibly pay for larger capacities and support from the providers.

Both the LifeStuff and CSIRO solutions offer the real potential of secure cloud storage at last and should speed its adoption.