Latest book examines new challenges of security, storage, and sustainability of cloud computing.
In his new co-edited book, “Regulating the Cloud: Policy for Computing Infrastructure” (With Christopher S. Yoo, Cambridge: The MIT Press. 2015), Jean-François Blanchette investigates the current society-wide shift to cloud computing—its history, its possibilities, and its challenges. The book examines the sociotechnical system that has become increasingly integral to the critical infrastructures that sustain daily activities, including transportation, energy, and finance.
More than a dozen contributors to “Regulating the Cloud” consider topics such as the economic implications of the Cloud’s shifting of computing resources from ownership to rental; the capacity of regulation to promote reliability while preserving innovation; the applicability of contract theory to enforce service guarantees; differing approaches to privacy taken by United States and the European Union in the post-Snowden era; the delocalization and geographic dispersal of the archive; and cloud-based virtual representations of the human body through electronic health data. Blanchette authored the book’s introduction with the goal of contextualizing the Cloud within its social and technical history so as to help better anticipate its future evolution.
Blanchette, an associate professor in UCLA’s Department of Information Studies, says that, “We used to have a system where the machine was on your desktop. Now, it’s off somewhere, in data centers. Computing is becoming part of a central infrastructure.” On of the distinct advantage of such a centralized infrastructure is the ability to sync multiple devices: “when you store information in the Cloud, you don’t have to worry if your phone is synced with your laptop or desktop. So it’s very convenient and cheaper.”
Blanchette notes however that cloud computing “creates different forms of control and different forms of risk.” He says that his co-editor and contributors aim to look at this change in environment and at ways to intervene and improve use and reliability of the Cloud at the policy level. Blanchette says that this can be a challenge, due to the fact that data centers are out of sight, literally appearing to be off somewhere in the clouds.
“That’s an important change, a new layer of invisibility that cloud computing entails,” he says. “We don’t have a sense of where the Cloud actually is located. In the past, we couldn’t necessarily see our data, but at least we knew that it was on our desktop. If we took the hard drive away, we knew it was there. Now, we have no idea. But it is somewhere… in some physical location.”
Blanchette underscores both individual and societal dependence on the Cloud, and says that there are trade-offs to outsourcing user’s previous personal responsibility and control over computational resources, and that while on some levels, cloud computing is more efficient and economical, there are also new kinds of risks.
“Now, there are new and different ways to [attacking] data centers – you can have access to the information of a gazillion people,” says Blanchette. It’s. creating new vulnerabilities, new risks.
“One of the risks is simply reliability. When the data center fails or the internet goes down, it’s like when airports don’t function or when there’s an accident on the 405 – the effects are just massive, and these will go on increasing.”
One reason for the vulnerability of cloud computing is the complexity of the technical and social systems that are interconnected.
“The complexity of the system is so enormous, it’s made up of so many different parts that the ability to produce a system that wouldn’t have any failures is highly unlikely,” Blanchette says.
Another consequence of the shift to the Cloud is at the level of control over computational resources of data, software, and hardware.
“There’s a difference between having software in your computer and using software in the Cloud, says Blanchette. “For example, if you’re using Gmail, you don’t decide the features of Gmail – Google decides. So it’s changed the locus of control over how software operates from something that you buy, install, and decide what to do with it to something over which we have little or no control.”
In his introduction to the book, Blanchette underscores that the Cloud is actually a new variation on an old system.
“This is the way it was before we all had personal computers,” he says. “Most institutions had centralized computers called mainframes. So it’s actually a throwback to an era before the 1980s, before the idea of personal computing was born and you could [inexpensively] buy what only an institution could previously afford. We’re going back to that system, but of course, there are now vastly more computers and they are vastly more connected than they were back then.”
While privacy and security remain among the risks in cloud computing, Blanchette says that the physicality of what appears to be ethereal data also raises a question of governance and boundaries.
“Another dimension of cloud computing is the location of the data,” he says. “If you’re dealing with the federal government or municipal government, the information must physically be within county or national lines; this becomes important. And many times, cloud providers will not guarantee that the data will stay within the country, because they are mostly concerned with efficiency in ways that don’t necessarily follow geographical boundaries.
“It’s like buying an airline ticket from Delta but finding that the flight is actually subcontracted to a regional provider, which itself may be subcontracted to yet another lower level provider,” says Blanchette. In the Cloud, it is easy for services to be subcontracted down the line using the cloud’s multilayered infrastructure. It would be difficult to find out physically in what data center you information is being held, over what specific wires it circulated.”
Blanchette says that the issue of the physicality of cloud computing also raises issues of sustainability.
“Computing has become more opaque in a way, but ‘digital’ information is physical – it’s stored somewhere, and it consumes power,” he notes. “Every time you post a status update on Facebook, you’re consuming power somewhere. Data centers are today estimated to consume upwards of three percent of the world’s energy. This is a major concern from Facebook, Google, and Amazon, to move towards so-called green computing.”
Blanchette notes that finding green computing solutions creates choices similar to other forms of energy consumption.
“There’s a tradeoff between how fast a system can be and how much energy it will consume, so it depends on how long you’re willing to wait [for data],” he says. “It’s just like your car – if you want to go faster, you’ll consume more petrol.”
Blanchette also notes that the shift towards greener computing is an important one in terms of our perception of the Cloud.
“We’ve always thought of computing as something in the ether,” he says. “Now, these new data centers burn coal or are solar powered, but they consume energy in some fashion or another. So that’s an interesting dimension that is expected to become more of a concern as more and more services are moving over to the Cloud.”
For a look at “Regulating the Cloud: Policy for Computing Infrastructure,” click here.
Photo by Jennifer Young