Cleversafe addresses cloud security concerns

By Dave Simpson

– According to numerous surveys, security is the #1 issue among users considering cloud storage. Cleversafe addressed that concern this week with the 2.0 release of its software, which includes enhancements in confidentiality, integrity and availability (CIA).

Cleversafe's Dispersed Storage technology divides data into slices and disperses them across multiple storage nodes (typically across three or four data centers). Each of the slices is secure, and a defined threshold of slices can be used to "bit-perfectly" recreate the original data. The technology provides an alternative to making multiple copies via replication.

In the Cleversafe 2.0 software, the company enhanced its SecureSlice technology for improved confidentiality by integrating it with its full security system, according to Chris Gladwin, Cleversafe's CEO. SecureSlice virtualizes and encrypts data without the need for encryption key management via "secret sharing" techniques.

"Embedded [keyless] encryption is significant because it deals with the worst part of encryption – key management [as well as bulk encryption and re-encryption]. With Cleversafe, it's totally automated," says David Vellante, co-founder of The Wikibon Project.

Also in the Cleversafe 2.0 release, the company enhanced its PerfectBits data integrity features. PerfectBits previously provided slice-level integrity checking, and now also provides data-level integrity checking. In addition to guaranteeing data integrity prior to delivery, these techniques ensure that data cannot be modified without authorization.

For higher availability, Cleversafe 2.0 enables zero downtime upgrades and migration. The new SmartWrite and SmartRead features guarantee availability for writing data and optimize content distribution even when storage nodes have failed.

According to Gladwin, Cleversafe's primary vertical market so far has been the government (military, intelligence), but the startup is starting to see interest from cloud storage providers and the healthcare and media/entertainment industries.

Wikibon CTO David Floyer summarizes some of the advantages of Cleversafe's technology in a cloud storage context: "Cleversafe uses the very nature of cloud computing to both protect and secure data. The data is broken up into slices that are spread across multiple storage nodes in multiple locations. The Cleversafe algorithms then allow the owner of the data to locate and reassemble the data as required. If up to six of those sites are down, 100% of the data is still reassembled. In addition, if data from sites is stolen, no data can be reconstructed. The result is that the cost of replication is cut by 75%, and the processing and management overheads of encryption are avoided."

Cleversafe will eventually compete with a variety of emerging vendors, but currently competes primarily with EMC's Atmos GeoProtect technology.

Related articles:

EMC intros GeoProtect, new hardware for Atmos
Cleversafe beefs up dsNet hardware for cloud deployments
Cleversafe adds object-based storage to dsNets

This article was originally published on March 30, 2010