[ale] [ALE] OT: article on encryption keys and cloud computing
Jay Lozier
jslozier at gmail.com
Tue Nov 13 12:59:22 EST 2012
On 11/13/2012 11:49 AM, Jonathan Meek wrote:
>
> http://m.nextgov.com/cloud-computing/2012/10/op-ed-encryption-not-restriction-key-safe-cloud-computing/58608/
>
>
> Sorry about that. I goofed.
>
My problem is less the security of encrypted data but with the physical
location of the data. Some of the concern is the local political
stability and attitudes and part of is technical/commercial.
Data stored in a relatively stable country (say Canada, Australia, or
Japan) is probably relatively safe from local political mischief but in
other, less stable countries I am not so sure about that. First any
encryption algorithm can be cracked with enough time/computing power
thrown at it. Also, how the people with access to the equipment vetted;
some of the information should be not be near by any who has not been
vetted (security clearance, etc.). Compounding this with the locals
loyalty is to their country not any other foreign country.
The technical/commercial is that offshore facilities may not be in the
same time zone as the users. This potentially creates support problems
of the data center being on third shift to support users on first shift.
Third shift is always a difficult shift to staff because many do not
adapt well to it; I worked third shift for several years. The technical
issue is how stable is the local infrastructure; are they subject to
local outages that make the data unreachable or unusable. The data may
be scattered in several locations but is all the necessary data together
so an outage would be all or nothing.
Personally, I find many of the Cloud promoters overlook other issues
that should be included in the decision besides absolute costs. And my
question what is the difference topologically between a third party
Cloud provider and an internal data center? The main difference I see is
how it is budgeted; someone has to provide the physical infrastructure
and you are going to pay for it. The costs are either primarily internal
- your data center and staff - or external - someone else's data center
and staff.
> On Nov 13, 2012 11:27 AM, "Tim Watts" <tim at cliftonfarm.org
> <mailto:tim at cliftonfarm.org>> wrote:
>
> Care to feed us a link?
>
> On Tue, 2012-11-13 at 08:24 -0500, Jonathan Meek wrote:
> > Guys,
> >
> > Came across this article on keys and cloud services. It makes the
> > argument that customer controlled keys makes a step in the right
> > direction and could help governments take advantage of cloud
> > computing.
> >
> > Just food for thought.
> >
> > Jonathan
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org <mailto:Ale at ale.org>
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org <mailto:Ale at ale.org>
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
--
Jay Lozier
jslozier at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20121113/ae1a818b/attachment-0001.html>
More information about the Ale
mailing list