SPECIAL REPORT / As digital data piles up, protection and access to mass information have become the two keywords of European industry and governments in shaping the future of cloud computing. EurActiv reports from the Mobile World Congress in Barcelona.
The concept of openness does not immediately convey the idea of security, which tends instead to be associated with barriers, walls or fences.
However, when it comes to data storage this approach is increasingly challenged in Europe, where the cloud, the storing of digital data remotely, is being developed with the idea of being open and, at the same time, safe.
The push for safety is linked to the nature of the cloud which, being remote, requires a higher level of security. One thing is to store information in the home computer, another thing is to put it in machines located in unknown places.
"One of the obstacles to making the most of the cloud can be a lack of user trust; particularly about the security of systems (and for both individual users and businesses)," said Neelie Kroes, the European Commission vice-president in charge of the digital agenda.
A recent study undertaken by Ponemon for Axway demonstrates the depth of corporate concern over the use of public cloud services. The research questioned 621 IT professionals about the use of public cloud services, and found that only 11% were likely to know if data was lost through the cloud; 80% were concerned about negative consequences from the loss of intellectual property; 69% said they did not know whether staff were using the public cloud; 66% consider the practice risky, and just over 50% believe popular cloud-sharing services are suitable for business.
Although this survey was specifically looking at public cloud file-sharing services (such as Dropbox, Box and Drive), the results are indicative of the lack of confidence in using cloud services.
Encryption techniques, security standards, certification schemes and a number of technological developments have significantly increased the security of data, but the recent US spying scandal has given sceptics new arguments.
Many questions can be addressed by proper certifications, said Kroes. These are schemes for adequate standards that protect customers, but these cannot guarantee protection 100%, the Commissioner stressed.
"The Agency has investigated: the specific certification schemes (based on the EU Cert.-SIG feedback); what standards and specifications they certify against; and who actually provides the assurance," it announced.
"This gives potential cloud customers more transparency about existing certification schemes and how they relate to the cloud."
Not surprisingly, in the wake of Edward Snowden’s revelations, German Chancellor Angela Merkel openly called for a European cloud where digital data of EU citizens would be stored in databases located in the European Union, and therefore subject to EU data protection rules.
However, her plan should not be misunderstood, as it does not imply a fenced cloud, but goes instead with Berlin’s push for a digital data storage system that is more open than it is now.
Germany is one of the founding members of the European Cloud Partnership, a group of industry and government representatives, set up under the European Commission’s umbrella, which aims at pushing Europe towards an open and interoperable cloud, where data stored online can be accessible by the legitimate owners with the full range of applications and devices.
The ECP works towards common standards and for the gradual migration of public administrations to a secure and interoperable cloud.
The partnership’s objectives go as far as calling for “better public procurement of cloud services in Europe, based on common definitions of requirements, and possibly eventually going as far as joint procurement across borders,” reads an explicative note on a Commission webpage.
Making cloud services interoperable and getting public administrations on board would form the basis of the development of a European cloud industry, which in turn could create 2.5 million new European jobs and boost EU GDP by €160 billion by 2020, according to the Commission forecasts included in the EU executive's cloud strategy.
Moving to the cloud would also benefit the environment, significantly decreasing the energy costs linked with ICT services.
Network infrastructure developers are the main allies of open cloud supporters, as they would profit from higher demand for building cloud infrastructure, although they face pressure from providers of closed cloud services, such as Apple.
The emergence of the new model would change the way of seeing computers and the internet from within, making them more efficient as data traffic increases exponentially.
This revolution makes the net similar to an egg, according to Huawei, China’s main telecommunications networks developer, and one of the biggest in the world.
“Being broken from inside means rebirth. Being broken from outside gives just food,” the company explained. In one of its brochures Huawei shows the image of an egg and its two possible outcomes, being a chick or ending up in a frying pan, depending on the way you break it.
Cloud computing describes a whole range of infrastructure, software, data or applications residing in the cloud – that is to say, off your own premises and accessed via the Internet.
While businesses and governments wax lyrical about the benefits of cloud computing, EU regulators have been more wary, as further use of cloud systems would mean a large swathe of public and commercial data would migrate to servers possibly located outside national borders or even on other continents.
Meanwhile the issue of how copyright issues are dealt with in the cloud challenges the business models of the Europe’s powerful collecting societies which license music use within strict territorial boundaries.
European Commission – Cloud security certification schemes – 24 February 2014
European Commission: Making the cloud more transparent - a boost for secure, trustworthy services