Cloud computing security – lessons from Bletchley Park

 Today I’m at Bletchley park, home of the code-breakers in the second world war and the perfect location for a workshop* on Cloud Computing security. I thought I would share some of the most interesting points that emerged today:

Focus on security audits:

  • A talk from someone in the US department of homeland security was calling for improvements in CIO’s ability to move to the cloud while maintaining security. In doing this they argue the need for better auditing  – security audit, privacy impact audits, and performance audits. They argue the “goal is to develop test and deploy cloud computing to facilitate end-to-end trust”. Silverline was proposed as part of this move.

Cloud security as a religious debate:

  • Prof Ahmad Sadeghi argued that cloud security is “a religious debate”. While cloud security is presented as new, many parts of the work was already achieved in utility computing and IBM mainframes. The problem, he argues, is that for cloud providers the focus is upon optimization not on security. This lack of focus on security is a significant problem for BYOD (Bring your own device) since an employee backing up data with iCloud on their iPhone may be inadvertently sharing company data (e.g. calendar data on who they are meeting) in a less secure site.

Hardware Solutions to the problem of cloud security:

  • The problem with cloud security is ensuring that everything from the CPU up through the operating system stack, the hypervisor, and the users’ virtual machines are secure. Without this there is a risk either from the systems administrator, or another virtual machine, of attacking a user’s virtual machine. Prof. Sadeghi explained that one solution to this problem is being developed by Intel through their SGX – Software Guard Extension chipset. This is a hardware based cloud security solution maintaining an “enclave” area of memory which is secure from the operating system upwards – if you trust the CPU you can trust the whole server. The implementation is complex, but suffice it to say that many of the attack challenges are resolved allowing highly secure parts of the cloud to keep data.

 

Simplicity and cloud computing

In my recent co-authored book on cloud computing [1]we argue that one of the primary desires for the adoption of computing as a service (as opposed to as a product such as software and hardware organised by the purchaser) was the desire for simplicity. We even adopted the term “Simplicity as a Service” to describe the disentanglement of complexity offered by new pay-as-you-go computing services associated with cloud computing  through, for example, more standardised contracting.  Indeed one of the primary motivations for many moves to the cloud is to simplify.  Yet we stumble quickly upon a problem – while the term simplicity[2] is widely used in relation to cloud computing, we have very little understanding of what this simplicity actually means? Understanding simplicity better may help us better understand our procurement of this types of service.

In this short essay want to unpick the concept of simplicity, then apply this back to the issue of cloud computing.  In this I consider simplicity from three directions which I roughly define as Modularic, Aesthetic and Systemic simplicity.

Modularic Simplicity

Is simplicity a concern for simpler mechanisms to provide the same service (i.e. a quartz watch is simpler than a Swiss automatic chronograph yet both tell the time)? To be simpler a device must perhaps have fewer components? Or perhaps simplicity lies in the interrelation between components – the interfaces?  If we consider simplicity in these terms we can seek to examine the modularity of objects – understanding how a service is composed of different services, and examining their underlying structures[3].  This is important for cloud computing in which various technical services are often interconnected to provide service – NetFlix for example integrates various Amazon’s cloud services with my iPad’s App, and with movie-content to provide service. Through decoupling services’ modularity the complexity of the constellation of modules can perhaps be better understood. Structures such as “hierarchies” are also used to keep things “simple”  and understanding such structures would help.

In this way simplicity is a calculation roughly based on counting components and their interfaces. Yet this seems rather well… simplistic!  For as Aristotle highlights wholes are “more than the sum of their parts” – there is emergence and emergent behaviour. But more than this, there is variation in the simplicity of components.

Aesthetic Simplicity

One problem with “modularic simplicity” is that the most simple modular-objects themselves can vary considerably in their “simplicity”.  Take two objects made of clay – a brick and a pottery vase. If both weigh the same they likely have the same number of atoms within them. Yet most people would agree the brick is simpler. The vase’s atoms are in a structure which introduced intricacy and difference despite the material itself being identical. Similarly two apparently similar digital MP3 files –seemingly random series of 0s and 1s –can vary considerably in their simplicity when realised as music – a flute solo verses a prog-rock band.

Simplicity then is not inherent in the material and any attempt to calculate simplicity by counting components and their relationship will be somewhat problematic. What then makes the vase more complex?  As humans perhaps we evaluate simplicity through our interpretation – an aesthetically concept of simplicity. This is certainly the perception of many designers and reflects the design aspirations of Apple computing. From their first sales brochure’s proclamation that “Simplicity is the ultimate sophistication” [4] this company has championed the idea that computing should feel “simple” for humans, in particular that the human should (in the words of their chief designer) “feel we can dominate [physical products]. As you bring order to complexity, you find a way to make the product defer to you. Simplicity… isn’t just visual style,… minimalism or the absence of clutter.”  For Apple and their vice-president of design Jonathan Ive’s simplicity is about removal of the unessential – and the reassertion of the whole (that is the form of the final product) over the parts (that is the components which make up that whole) – but wholly centred around the human user.

This concept is also represented in Ockham’s razor[5] – the assumption that simpler explanations are better despite the lack of irrefutable logical principle that this is the case (though they are more easily tested).

A human interpretation is required – cloud computing is considered “simple” in relation to its use in doing something for humans. It can only be evaluated at the level of its use (just as an iphone is only simple when held in the hand and used – not when taken apart and examined from within where its myriad complexity becomes evident).

Systemic Simplicity

If modularic simplicity places the “thing” at the centre of simplicity, and if, in contrast,  aesthetic simplicity placed humans at the heart of defining what is simple, then perhaps we can define simplicity in terms of the interrelationship between things and people – as a kind of socio-technical perspective towards simplicity? A view of simplicity in terms of the complex social and technical arrangements of life through which we get things done –such as, for example, organisations.

In many ways this simplicity might be defined by its absence – the lack of simplicity of modern organisations and their technical arrangements. The role of managers is thus often seen to be seeking to organise things to be “simpler”.  Yet most organisations are never simple and to aspire to make them so may be problematic.  Miller[6] argued that “organisations lapse into decline precisely because they amplify and extend a single strength or function while neglecting most others. Ultimately, a rich and complex organisation becomes excessively simple –it turns into a monolithic, narrowly focused version of its former self, converting a formula for success into a path towards failure.” [7] For Miller simplicity is an overwhelming preoccupation with a single goal, strategic activity, department or world-view – and making things simple through simplifying the organisation is therefore often problematic.  This suggests that understanding what can be simplified and what cannot requires a rich appreciation of the complexity of the organisation.

Indeed the origins of cybernetics[8] and complexity theory highlight that management must meet the complexity of a situation with a similar level of complexity in their response to that situation[9]. This demands that a manager’s response to organisational complexity cannot simply be simplification of their actions if they cannot similarly understand or simplify the environment within which the organisation resides.

Simplifying without this understanding is often what managers seek to do. And in making things simple they often rely on relatively simple models of the organisation to help them make these decisions. Whether it is the organisation chart, the process diagram, the UML model, their attempts to derive simplicity is focused on such simplifications. As Stafford Beer (1973) [10]reminded us managers become bewitched by the paper representations of their organisations as a “surrogate world we manage”, losing contact with the messiness of their world[11] and assuming simplicity in the world rather than seeking to simplify the world.

Beer goes further to highlight that “if a simple process is applied to complicated data, then only a small portion of that data will be registered, attended to, and make unequivocal. Most of the input will remain untouched and will remain a puzzle”.

This is not to say that we should not attempt to simplify our understanding of organisations into models and representations, but that we must carefully acknowledge these models as “simple”, and ensure that we remain attune to their alignment with the complexity of that which they represent.

When we buy cloud computing services which aim to change our organisation in some way we must be careful that we are not selecting the computing model based on a simplistic understanding of what the organisation is trying to achieve.

What can learn from this management and cloud computing?

From these three conceptualisation of simplicity we can draw some lessons for organisational managers and for cloud computing:

1) Simplicity isn’t always inherent in devices or technology, it relates to their interpretation and representation. We should seek to model simplicity in ways which reflect this.

2) That simplifying computing systems must be met with an understanding of the level of complexity of the task they are for. Selecting too simple a service is problematic[12]

3) That simplicity does not necessary mean less complex. Rather it can relate to the use of the service at the interface being observed. In procuring a service we should be attune to the lack of simplicity at different levels.

© 2014 W.Venters.

[1] Willcocks, L., W. Venters and E. Whitley (2013). Moving To The  Cloud Corporation. Basingstoke, Palgrave Macmillan.

[2] I acknowledge the contribution of PA consulting in raising with me a concern for better understanding simplicity.

[3] Baldwin, C. and K. Clark (2000). Design Rules: The power of modularity. Cambridge,MA, MIT Press.

[4] Isaacson, W. (2011). Steve Jobs, Little Brown. Page 343.

[5] http://en.wikipedia.org/wiki/Occam’s_razor

[6] Miller, D. (1993). “The Architecture of Simplicity.” The Academy of Management Review 18(1): 116-138.

[7] Miller, D. (1993). “The Architecture of Simplicity.” The Academy of Management Review 18(1): 116-138.

[8] Ashby, W. R. (1956). An introduction to cybernetics. London, Methuen & Co Ltd. Churchman, C., R. Ackoff and E. Arnoff (1957). Introduction to Operations Research. New York, Wiley.

[9] This is inherent in Ashby’s law of “requisite variety” – though different terms are used.

[10] Beer, S. (1984). “The Viable System Model: Its provenance, development , methodology and pathology.” Journal of the Operational Research Society 35: 7-36.

 

[11] Pickering, A. (2013). Living in the material world. Materiality and Space: Organizations, Artefacts and Practices. F.-X. de Vaujany and N. Mitev, Palgrave Macmillan.

[12] I discuss this in much more detail through the term “Variety” in Venters, W. and E. Whitley (2012). “A Critical Review of Cloud Computing: Researching Desires and Realities.” Journal of Information Technology 27(3): 179-197.

 

I’m presenting at “The Exchange 2013 – Knowledge Peers”

TheExchange_NOVEMBER

I’m excited to be presenting at “The Exchange 2013 – Knowledge Peers” on the 28th November. Not only is it at the Kia Oval (which I drive past regularly so am looking forward to getting the tour inside), but also because their focus is on networking with smaller and medium sized organisations. I am of the opinion that cloud computing will offer more valuable and exciting opportunities for SMEs than large organisations so I am looking forward to connecting with many more small organisations at the event.

I hope you can join me there!

Will.

Cloud computing can change organisations – whether they like it or not

Even for organisations who avoid the adoption of cloud computing, its impact can be felt, and they too can face significant challenges from the adoption of cloud outside their perceived citadel. This is perhaps most obviously demonstrated with the case of Sukey.org.

In January 2011 the streets of London echoed to the sound of students campaigning against the imposition of tuition fees. Tens of thousands poured into the streets to make their voices heard, and the police, desperate to avoid the vandalism and violence of a protest in November the year before, attempted to use a “kettling” technique.

Kettling involves the police confining the demonstrators into a small area such as a square. Once trapped the police simply wait – keeping the demonstrators until they are tired and hungry and just want to go home. The police’s ability to kettle students thus involves their coordinating themselves to encircle the demonstrators – for which they rely on sophisticated (and expensive) communications infrastructure involving radios, control-centres and helicopters (within their organisational firewall).

But at this protest some of the students had installed a smartphone application called “Sukey” created by integrating (mashing-up) a number of cloud based services (Economist 2011) (See sidebar to understand the name).

Sukey.org used social media to allow those on the ground to report the movements of protesters and police through twitter and social networks. These reports were then catalogued on a Google-map – accessible by protesters using their smartphones. The application (build quickly by a small number of students) harnessed cloud computing and the mobile phone infrastructure to provide the protesters with a sophisticated information infrastructure similar to that of the police. This system was believed to limit the ability of the police to kettle the protesters – as they quickly moved through side-streets to avoid the police cordons.

This example shows how the police force was challenged, and their abilities constrained by a small group harnessing the “cloud” despite the police’s investment in information and communications technology. This shows that the availability of cloud computing deterministically altered what it is to police, despite the fact that the police had not changed their own infrastructure. It shows how organisations boundaries can become blurred as a consequence of outside action exploiting cloud.

The 7 deadly sins of cloud computing – ComputerworldUK.com

A thoughtful article which addresses a road less travelled than the usual hysteria type articles on cloud security…

The 7 deadly sins of cloud computing – ComputerworldUK.com.

Forbes has four predictions for 2013… I challenge them all

Over on Forbes Antonio Piraino makes four predications for the year ahead:

Cloud Computing: Four Predictions For The Year Ahead – Forbes.

I want to discuss my opinion of each of them.

1) “The cloud wars are (still) rumbling and they’re getting louder”. 

I sort of agree with the sentiment of this; that companies will be looking for value-add from cloud providers rather than simple metrics (such as network, storage or service). However I completely disagree that a battle will unfold next year – I think this is a growing market and we are seeing clear differentiation between offerings. The giants in this space are, in my opinion, desperately trying to carve out a none-competitive space in the growing cloud market, rather than going head-to-head in the battle the author  describes. For that way lies only commodity offering and a drive to the bottom. I suspect that differentiation will be a more likely tactic than “war”.

2) “A titanic cloud outage will create a domino effect”. 

The article argues that “As more IT resources are moved to the cloud, the chance of a major outage for a corporate enterprise… becomes exponentially more likely to occur”. Really? How on earth can the increasing outsourcing of service lead to an exponential increase in risk? The risk is dependent upon a number of factors:

1) Capability of the cloud provider to manage the service (again not dependent on the number of services managed)

2) Capability of the cloud user to contract effectively for risk (again not dependent on the number of services outsourced).

3) Multiplexing of services on a single site – this is dependent on the number of cloud users, however it is an architectural issue as to whether the risk increases. It is certainly not exponential that five companies sharing one building are at greater individual risk than if they each have their own building. The analogy of airline accidents v.s. car accidents comes to mind.  When a plane fails it looks catastrophic, but more people die on the roads.

The article goes on to say that “If an unexpected cloud outage were to take place within the context of [ financial services trades] , the banks would stand to be heavily penalized for incompliance” – I absolutely agree – because if they weren’t adopting defensive approaches to moving to the cloud they would be incompetent. As a recent Dell think-tank I was part of discussed, banks are already moving to the cloud, and for mission critical activity, but they are working with cloud providers to ensure that they are getting the same level of protection and assurance as the would in-house. Like any outsourcing relationship it is incumbent on the purchaser to understand the risk, and manage it. Indeed banks should be evaluating the risk of all their ICT whether in-house or external – as the high-profile failures at Natwest recently demonstrated in-house IT can be  risky too!

3) A changing role for the CIO. 

Here I  agree with the article. Governments will get more involved in regulation relevant to cloud, and this will create new opportunities. Whether CIOs  will act as “international power-brokers, ambassadors even diplomats” as the article suggests depends on how they move to the cloud – many cloud providers intention is to create cloud offerings which do not demand an understanding of international law. I also doubt that the “human-responsibilities will shrink” – this only counts if organisations see cloud as outsourcing rather than opportunity  – many CIOs are probably realising that while they are loosing headcount in certain ways (e.g. those data-centre administrators) they need skills in new applications only possible with the availability of cloud. How many CIO’s imagined managing  data-analytics and social-networking specialists a few years ago?

4) Death of the desktop as we know it.

“The expectation is that an employee’s mobile device is now their workspace, and that they are accountable for contributing to work on a virtually full time basis…”  I am intrigued by the idea of what is going to happen to the desktop PC. I know I use my smartphone and ipad a lot, but usually for new things rather than the same activities I  use my laptop for. For example I annotate PDF’s on the train,  read meeting notes during meetings, even look at documents in the bath. These are in addition to the use of my desktop PC or laptop (which I use for writing and for the host of applications I require for my work and for which I require a keyboard and solid operating system). Yes I bring-my-own-device to work, but I either demand a “desktop” like environment to run on it (i.e. integrated applications and services) in which case the management of the virtual desktop applications is as complex as the physical assets (save the plugging in and purchasing). And the idea that I will use my own device on a “virtually full time basis” is clearly none-sense… health and safety would not allow a person using a screen all day to have a smart-phone or tablet as that screen.

I don’t deny that PC’s will change, and that the technological environment of many industries is changing. But my question is whether this will increase or decrease the amount of work for the CIO? My earlier post (Cloud Computing its so 1980s) pointed out that the demand for applications within industry has not remained static or decreased – we will only increase our demand for applications. The question is then whether managing them will become easier or more difficult. For me the jury is still out but if pushed, it is for this reason that I think Windows 8 could be successful in this space.

I believe many of us are waiting for a device which capitalises on the benefits of tablets and smartphones, but which will run the complex ERP and office applications our businesses have come to rely upon. Sure we could try to make do with an iPad or Android device, but Windows 8 promises the opportunity to use the full industry proof applications we already have in a new way. I anticipate seeing lots more of these Windows 8  devices in the next few years – though  with many of the applications becoming much lighter on the desktop. After all the iPad and smartphone demonstrated the importance of locally running Apps not of cloud services…  they were just smaller and easier to manage applications.

 

 

Dell Think Tank

I am participating in Dell’s cloud think tank next Tuesday. Around 10 of us are meeting in person to discuss core issues on cloud computing. The event is live-streamed globally and through twitter you can ask us questions and interact. 

Hope to see some of you there.

Image

Presenting Cloud Desires and Realities Webcast

Tomorrow I am giving a free web-cast on my recent work on cloud computing: 

http://www.brighttalk.com/webcast/288/53101

I hope to see you there!

Best wishes

Will. 

ABSTRACT:Cloud computing has become central to current discussions about corporate information technology. To assess the impact and potential that cloud may have on your enterprise it is important to evaluate the claims made critically review these against you’re organisations’ reality. Drawing on extensive research this talk will walk through my “cloud desires framework” (recently published in the prestigious Journal of Information Technology).  The framework is structured around a series of technological and service ‘desires’, i.e. characteristics of cloud that are important for cloud users. 

 

Book Chapter Out: The Participatory Cultures Handbook

Amazon.com: The Participatory Cultures Handbook (9780415506090): Aaron Delwiche, Jennifer Jacobs Henderson: Books.

I  co-authored (with Sarah Pearce) a chapter in this book focusing on the culture of particle physicist at CERN as they developed the world’s largest Grid Computing infrastructure for the LHC. The chapter considers the different collaborative and management practices involved in such a large endeavour and offers lessons for others building information infrastructure in a global collaboration.

Pre-Order a copy now!!!