Cloud computing, seen as a technology, is very close in context to IT infrastructure services – to hardware and software components. Looking at the use of the cloud in general, a much broader area is captured: Then it is also about networks, peering, routing, and the entire topology. How and where data is stored, how it is transmitted to the desired location for analysis, which services it will be shared with, and who has responsibility for it – these issues pose ever bigger challenges for all participants.
Custodian clouds only a temporary solution
As the Internet took shape, it was meant to be unsusceptible to disruption and just intelligent enough to find alternative paths for the data packets requiring transmission. What was important was the requirement of net neutrality – all data packets were to be treated equally.
The more the world heads in the direction of cloud computing, the more relevant the data, its content, its utilization, and legal jurisdiction become (See “Cloud and Data Protection – A Challenge to Users, which provides details of the EuroCloud service Cloud Privacy Check). As soon as the data is located at a specific place, it is initially subject to the jurisdiction of the respective nation (See Mathias Röckel's article “Cloud Computing has Become a Matter of Nationality”). But at the same time, it is also subject to the jurisdiction of the land of the data owner, or that of the contracted data administrator. Some interpretations go so far that the person responsible for the technical operative environment is also made responsible. At this stage, there may again be calls for a national cloud, or custodian clouds will be formed, but these only represent a temporary solution.
Transparency of the data pathways
An alternative could be to connect sender and recipient on predefined paths. However, that runs contrary to the fundamental networked concept behind the Internet, because if one path does not work, one of the many other possible paths will simply be chosen. Now, fixed paths can be defined via leased lines – but with specific destinations and data volumes. The recent Multi-Cloud Study by Crisp Research (See “Multi Cloud Management – Trends and Challenges for Enterprises”, by Marc Sundermann from QSC) shows that, even now, companies need to be connected to many cloud services and not simply with one or two. For this reason, DE-CIX, the worldwide leading operator of Internet Exchanges, has developed a new intelligent service: DirectCLOUD addresses Internet service providers, data centers, and enterprises (See Dr. Thomas King's interview “Accessing Diverse Cloud Services and Securing Business Critical Applications”). The service gives them an extremely fast, secure, and cost-effective connection to a large range of cloud service providers: Using a single port at DE-CIX, cloud users are connected directly with the desired cloud providers via Virtual Local Area Network (VLAN). And if the choice is made for a local cloud service provider, the Internet service provider can guarantee that the data never leaves Germany.
The connection via VLAN bypasses the Internet and is therefore secure against DDoS attacks. It simplifies redundant IT solutions, which ensures greater security against outages and mitigates the risk of lost packets, latency, and cyber attacks (See “Fundamentally Preventing Attacks”, by Daniel Heck from Rohde & Schwarz Cybersecurity). For the customer, the service works like a local network that has been lengthened into the cloud. Additionally, DirectCLOUD users can use their own IP addresses in the cloud, and no switching mechanisms are required.
The issues of territoriality, security against cyber attacks, and transparency of the data pathways are therefore becoming more important, and have an influence all the way through to the infrastructure and network areas.
Differentiation must also be made as to who generates, collects, and uses data, but also quite generally, as to who owns this data and who has the right of co-determination. Let’s take the relevant example of the connected car – even without autonomous driving. The data is generated by the user of the car, and the IoT device (vehicle) belongs to the user, the user’s employer, or a leasing company. The associated analytical platform (See interview with IoT specialist Dr. Bettina Horster from VIVAI on “How to Choose the Right IoT Platform for your Needs”) for car-related services belongs to the car manufacturer or a group of providers within the sector. At the digital hub further downstream for traffic control, tour guidance, and contextual marketing of all kinds, a range of third-party providers are involved, and by now it’s already getting difficult: What happens if the car is sold or the user decides, despite the many benefits, not to allow the generated data to be used? Does anyone take care of the deletion of the data in the system and in the associated platforms? Added to this is the fact that, after a certain point, the services offered will simply not work properly without the compulsory provision of data.
So will we live to see the day when future data transmissions are subject to unambiguous agreements between sender and recipient on the use and ownership structure?
Smart with profound influence
When the European General Data Protection Regulation (GDPR) comes into effect in May 2018, such thoughts will become increasingly relevant. But even so, we are only at the beginning of dealing with the questions of the extent to which qualification of data will influence the design of cloud topology, data logistics, and data processing and what will happen based on this (See “Digital Hypes and their Consequences: Optimal Cloud Infrastructure for Dealing with Data Monsters”, by Alexander Frese from ITENOS). Here, we are moving further and further into the world of “smart services”. For example, business communication is moving into the cloud, and even private branch exchange (PBX) is being managed out of the cloud. With some additional equipment, like headsets and software services, old-fashioned desks can turn into smart workplaces (See “The Impact of Digitalization on Business Communications”, by Detlev Artelt from aixvox). At the same time, the studies on the smart home and smart city published by eco – Association of the Internet Industry demonstrate impressively how profoundly these service concepts will influence our future world (See “What it Takes to Make a Port City Smart”, by Mathias Röckel from FRESH INFO +++ for eco - Association for the Internet industry) and at the same time enable a service market with growth forecasts of around 20 percent per year.
But for a city to be able to call itself “smart”, a multitude of measures are necessary and the targets are continuously rising in international comparison (See the interviews with ADL's Lars Riegel on “Smart City & Smart Home – The Opportunities and Benefits for Companies” and ICLEI's Roman Mendle on “Solving Tomorrow’s Problems with Smart City Methodology”). In any event, the Internet is an essential infrastructure component in this, especially in the area of mobile access. But it is also essential for the sensor technology (IoT) and ultimately the digital eco-system (See the interview with eco's Markus Schaffrin on “Forging Partnerships to Conquer Smart Markets”), both of which, as a result of performance and scalability requirements and from an economic perspective, can only develop with the support of cloud services (See the interview with Süleyman Karaman from Colt Technology Services, “Cloud Access – Resist Naive Assumptions”). The segments transport & logistics, communication, security, and building automation will account for the lion’s share of the services’ revenues, together accounting for more than 50 percent in the coming five years. In the second wave, however, the education and health sectors, and public administration will be the growth drivers.
Much depends on cloud computing presenting itself as just as stable and reliable as the Internet itself, and demonstrating an appropriate level of legal security, predominantly in the area of data protection. eco is extensively active in the shaping of all Internet-related topics, which includes the framework conditions for a well-functioning digital economy.
Andreas Weiss is Director of the cloud association EuroCloud Deutschland_eco e.V. since its foundation and acting within eco since 1998. He played a key role in developing the EuroCloud Star Audit as the first cloud-specific auditing process and is part of various research and SME supporting projects like NGCert (Next Generation Certification) and Trusted Cloud. He is the co-author of both the book “Cloud Migration”, dealing with issues of quality requirements and selection criteria, as well as the EuroCloud Guidelines "Cloud Computing – Law, Data Protection & Compliance” and the Cloud Acceptance Study.