Cloud Computing as a service-on-demand architecture has grown in importance over the previous few years. One driver of its growth is the ever-increasing amount of data that is supposed to outpace the growth of storage capacity. The usage of cloud technology enables organizations to manage their data with low operational expenses. However, the benefits of cloud computing come along with challenges and open issues such as security, reliability, and the risk to become dependent on a provider for its service. In general, a switch of a storage provider is associated with high costs of adapting new APIs and additional charges for inbound and outbound bandwidth and requests. In this chapter, the authors present a system that improves availability, confidentiality, and reliability of data stored in the cloud. To achieve this objective, the authors encrypt users' data and make use of the RAID-technology principle to manage data distribution across cloud storage providers. Further, they discuss the security functionality and present a proof-of-concept experiment for the application to evaluate the performance and cost effectiveness of the approach. The authors deploy the application using eight commercial cloud storage repositories in different countries. The approach allows users to avoid vendor lock-in and reduces significantly the cost of switching providers. They also observe that the implementation improved the perceived availability and, in most cases, the overall performance when compared with individual cloud providers. Moreover, the authors estimate the monetary costs to be competitive to the cost of using a single cloud provider.
TopIntroduction
Cloud Computing is a concept of utilizing computing as an on-demand service. It fosters operating and economic efficiencies and promises to cause an unanticipated change in business. Using computing resources as pay-as-you-go model enables service users to convert fixed IT cost into a variable cost based on actual consumption. Therefore, numerous authors argue for the benefits of cloud computing focusing on the economic value (Carr, 2008), (Armbrust et al., 2010).
However, despite of the non-contentious financial advantages cloud computing raises questions about privacy, security and reliability. Among available cloud offerings, storage services reveal an increasing level of market competition. According to iSuppli (Burt, 2009) global cloud storage revenue is set to rise to $5 billion in 2013, up from $1.6 billion in 2009. One reason is the ever increasing amount of data which is supposed to outpace the growth of storage capacity. Currently, it is very difficult to estimate the actual future volume of data but there are different estimates being published. According to IDC review (Gantz, & Reinsel, 2009), the amount of digital information created and replicated is estimated to surpass 3 zettabytes by the end of this year. This amount is supposed to more than double in the next two years. In addition, the authors estimate that today there is 9 times more information available than was available five years ago.
However, for a customer (service) to depend solely on one cloud storage provider (in the following provider) has its limitations and risks. In general, vendors do not provide far reaching security guarantees regarding the data retention (Ponemon Institute, 2011). Users have to rely on effectiveness and experience of vendors in dealing with security and intrusion detection systems. For missing guarantees service users are merely advised to encrypt sensitive content before storing it on the cloud. Placement of data in the cloud removes the physical control that a data owner has over data. So there is a risk that service provider might share corporate data with a marketing company or use the data in a way the client never intended.
Further, customers of a particular provider might experience vendor lock-in. In the context of cloud computing, it is a risk for a customer to become dependent on a provider for its services. Common pricing schemes foresee charging for inbound and outbound transfer and requests in addition to hosting the actual data. Changes in features or pricing scheme might motivate a switch from one storage service to another. However, because of the data inertia, customers may not be free to select the optimal vendor due to immense costs associated with a switch of one provider to another. The obvious solution is to make the switching and data placement decisions at a finer granularity then all or nothing. This could be achieved by distributing corporate data among multiple storage providers. Such an approach is pursued by content delivery networks (for example in (Broberg, Buyya, & Tari, 2009), (Buyya, Yeo, & Venugopal, 2008) and implies significant higher storage and bandwidth costs without taking into account the security concerns regarding the retention of data. A more economical approach, which is presented in this paper, is to separate data into unrecognizable slices, which are distributed to providers - whereby only a subset of the nodes needs to be available in order to reconstruct done for years at the level of file systems and disks. In our work we use RAID like techniques to overcome the mentioned limitations of cloud storage in the following way.
Security: The provider might be trustworthy, but malicious insiders represent a well known security problem. This is a serious threat for critical data such as medical records, as cloud provider staff has physical access to the hosted data. We tackle the problem by encrypting and encoding the original data and later by distributing the fragments transparently across multiple providers. This way, none of the storage vendors is in an absolute possession of the client’s data. Moreover, the usage of enhanced erasure algorithms enables us to improve the storage efficiency and thus also to reduce the total costs of the solution.