Is fog more secure than cloud?
Computer scientists in Italy are working on a new concept for remote and distributed storage of documents that could have all the benefits of cloud computing but without the security issues of putting one's sensitive documents on a single remote server. They describe details in the International Journal of Electronic Security and Digital Forensics.
According to Rosario Culmone and Maria Concetta De Vivo of the University of Camerino, technological and regulatory aspects of cloud computing offer both opportunity and risk. Having one's files hosted on remote servers displaces the hardware requirements and makes files accessible to remote users more efficiently. However, there are gaps in security and accessibility of files "in the cloud". The team has now turned to another meteorological metaphor - fog - and has proposed an alternative to cloud storage that makes any given file entirely immaterial rather than locating it on a single server. They envisage a fog of files rather than a cloud.
The files are distributed on a public or private network and and so have no single location, in this way, there is no single server that would be a target for hackers and so only legitimate users can access them. The researchers point out that, "The trend towards outsourcing of services and data on cloud architectures has triggered a number of legal questions on how to manage jurisdiction and who has jurisdiction over data and services in the event of illegal actions." Fog computing would essentially circumvent the security and legal problems putting files off-limits to hackers and beyond the reach of law enforcement and in particular rogue authorities.
"Our proposal is based on this idea of a service which renders information completely immaterial in the sense that for a given period of time there is no place on earth that contains information complete in its entirety," the team says. They explain that the solution is based on a distributed service which we will call "fog" and which uses standard networking protocols in an unconventional way, exploiting "virtual buffers" in internet routers to endlessly relocate data packets without a file ever residing in its entirety on a single computer server. It's as if you were to send a letter with a tracking device but an incomplete address that simply gets sent from post office to post office and is never delivered.