Wednesday, July 2, 2008

Is Cloud Computing applicable in national security and law enforcement?

Late last week I asked the following question on linkedIn



"Are Cloud Computing concepts applicable in secure national security and law enforcement arenas (i.e. Defense, Homeland Security, Intelligence, Justice)? If so, how? If not, why? "

The responses were very interesting:

Software Architect - I think they are certainly applicable. Speaking specifically of Amazon's Web Services, security is one of the main pillars of the platform and all of their services provide the ability to lock down access. ..... Auditing security on well-known cloud computing platforms is actually much simpler than in-house computing as knowledge of the systems in use is much more broad and transparent.


Sr. Advisory Architect - They already are, and have been for quite some time

IT Business Consultant manager - I can image that many business strategists or security architects who are new to the concept will balk at the idea of allowing information to live in a cloud they don't control and will likely propose some sort of "special cloud" of their own - thus defeating the ROI altogether


Senior Computer Systems Engineer - I have been asked to informally consult on this issue and I am a bit skeptical about the storage aspect of cloud computing. The client I was consulting for had some serious legal issues in relation to storing data outside certain geographical boundaries (where the cloud provider(s) where) which was a big obstacle from the very beginning.


Information Assurance Executive - Cloud Computing concepts in secure (trusted) information sharing environments are applicable however, involve some additional complexities that other environments do not. These environments should adhere to published data, security, infrastructure and interoperability standards (e.g. W3C, OASIS) and by default should be cross-domain (e.g. DoD, IC) compliant following prescribed national security requirements.

Team Lead - Compared to "on site" storage - I hear the argument that it is MUCH MORE secure in the cloud.

Serial Entrepreneur - Cloud computing is mainly about scale. Google and Amazon have such massive deployments that the operational costs of the resources dwarf most organizations. If we look at the governmental apparatus and think of it as a client of computational resources it is indeed very big. It would seem to me that given their possession of adequate scale they could simply run a private infrastructure for themselves and have their own cloud.

Director of Strategic Operations - I think we're going to see an increase in grid computing and cloud computing concepts as the costs drop and the benefits become more tangible. I think national security implementations are prime candidates for early adoption of such technologies - beyond whatever may already be in place now - simply because of the massive scale of the computing effort, storage, and general computational requirements of such massive data sets.

Information Technology & Services Consultant - The whiteboard used to iron out all the 'gotchas' in a Cloud Computing environment for secure national security and law enforcement arenas would stretch around the Bronx Zoo (i.e. the baseball stadium)...


All the responses can be read at LinkedIn answers .

2 comments:

Anonymous said...

Kevin,
thank you for your constant input to data security / SOA in the cloud. This is definitely a hot topic. I come from Germany where we have rather strict data protection laws. My 5 cents on my blog: http://markusklems.wordpress.com/2008/07/03/data-security-in-the-cloud/

Anonymous said...

I am a computer engeenier. Certainly it has a major role to play .