SpyCloud: Intel Agencies Look to Keep Secrets in the Ether
Photo: mnsc/Flickr; modified by Lena Groeger- By Lena Groeger
Dropbox for files… Google for mail… iCloud for well… everything. Average citizens have all kinds of options for storing their information in the cloud. Now, spies want in. Soon, our nation’s secrets may take on a slightly more nebulous form.
In-Q-Tel, the investment arm of the CIA and U.S. intelligence community, recently sunk money into a cloud-based storage company called Cleversafe. It says the platform is “ideal for storing mission critical data by addressing the core principles of data confidentiality, integrity and availability.” (Incidentally, those principles also spell out CIA).
This is only one of a series of new government initiatives to move into the cloud. Since last year, the administration has embraced a “cloud first” policy, which encourages cloud-based solutions “whenever a secure, reliable, cost-effective cloud option exists.” The Pentagon is already planning its migration, and the 2011 Cloud Computing Act, expected out in a few weeks, may put in place even more incentives for investing in cloud computing options.
But the move upwards brings all sorts of security concerns, particularly for the CIA — which is still smarting from the recent hack of its public website. While there has been much debate over the safety of the cloud versus more traditional forms of storage, Cleversafe is confident that data will be secure with them... which is good, because the government would love to prevent another Bradley Manning from spouting off all their secrets to WikiLeaks.
Cleversafe CEO Chris Gladwin, a Chicago software designer with a knack for cryptography, says the secure method behind his technology has been known for a long time. Originally put forward in the 1979 paper How to Share a Secret, the idea is simple: Take some data, run it through a few mathematical algorithms, and end up with a bunch of pieces, several of which can re-create the original data but are meaningless on their own.
Similarly, using a technology called “information dispersal,” Cleversafe takes massive amounts of data, slices it up into pieces and then sends those slices off to various locations, or “storage nodes.” Although the data might be in four different data centers across the country, it can be accessed in real time from a “private cloud.” And unlike traditional storage methods, there’s no need to make several complete duplicates of the original data, which saves space and money.
There are a few other advantages to this type of storage, according to Gladwin. It’s confidential, because individual slices of data can’t be deciphered on their own — an unauthorized person would have to obtain several different data slices at once to make sense of anything at all. It’s also more reliable. Even if the disks that hold those slices are corrupted, go offline or get lost, there is enough redundancy to reconstruct the whole file from just pieces. It’s pretty unlikely that ten servers or disks would all fail at the same time.
In-Q-Tel is confident that Cleversafe “will give our customers in the U.S. Intelligence Community a robust distributed-storage solution that provides the levels of unmatched reliability they require.” Since the government’s proposed IT budget allots as much as $20 billion for cloud technology, we’ll likely to see others follow suit in the search for a cloud of their very own.
Dropbox for files… Google for mail… iCloud for well… everything. Average citizens have all kinds of options for storing their information in the cloud. Now, spies want in. Soon, our nation’s secrets may take on a slightly more nebulous form.
In-Q-Tel, the investment arm of the CIA and U.S. intelligence community, recently sunk money into a cloud-based storage company called Cleversafe. It says the platform is “ideal for storing mission critical data by addressing the core principles of data confidentiality, integrity and availability.” (Incidentally, those principles also spell out CIA).
This is only one of a series of new government initiatives to move into the cloud. Since last year, the administration has embraced a “cloud first” policy, which encourages cloud-based solutions “whenever a secure, reliable, cost-effective cloud option exists.” The Pentagon is already planning its migration, and the 2011 Cloud Computing Act, expected out in a few weeks, may put in place even more incentives for investing in cloud computing options.
But the move upwards brings all sorts of security concerns, particularly for the CIA — which is still smarting from the recent hack of its public website. While there has been much debate over the safety of the cloud versus more traditional forms of storage, Cleversafe is confident that data will be secure with them... which is good, because the government would love to prevent another Bradley Manning from spouting off all their secrets to WikiLeaks.
Cleversafe CEO Chris Gladwin, a Chicago software designer with a knack for cryptography, says the secure method behind his technology has been known for a long time. Originally put forward in the 1979 paper How to Share a Secret, the idea is simple: Take some data, run it through a few mathematical algorithms, and end up with a bunch of pieces, several of which can re-create the original data but are meaningless on their own.
Similarly, using a technology called “information dispersal,” Cleversafe takes massive amounts of data, slices it up into pieces and then sends those slices off to various locations, or “storage nodes.” Although the data might be in four different data centers across the country, it can be accessed in real time from a “private cloud.” And unlike traditional storage methods, there’s no need to make several complete duplicates of the original data, which saves space and money.
There are a few other advantages to this type of storage, according to Gladwin. It’s confidential, because individual slices of data can’t be deciphered on their own — an unauthorized person would have to obtain several different data slices at once to make sense of anything at all. It’s also more reliable. Even if the disks that hold those slices are corrupted, go offline or get lost, there is enough redundancy to reconstruct the whole file from just pieces. It’s pretty unlikely that ten servers or disks would all fail at the same time.
In-Q-Tel is confident that Cleversafe “will give our customers in the U.S. Intelligence Community a robust distributed-storage solution that provides the levels of unmatched reliability they require.” Since the government’s proposed IT budget allots as much as $20 billion for cloud technology, we’ll likely to see others follow suit in the search for a cloud of their very own.
Comments