Cleversafe: Making Information Safe Inside And Outside The Cloud

Posted by David Hill
August 03, 2010

Cloud computing attracts a lot of attention, but it is also being examined closely for whether it meets specific business requirements. Data security tops executive concerns, but other issues such as availability and scalability are often mentioned as well. Cleversafe has come up with a very interesting approach that addresses these and other issues. Founded in 2004, Cleversafe is a small (about 40 employees) company headquartered in Chicago. The focus of its hardware is on data protection with an emphasis on confidentiality, integrity, and availability (CIA), the three core principles of information security as it pertains to data protection. Cleversafe sells its software integrated in storage server appliances, such as Slicestor, and Accesser dispersed storage routers.
 
Cleversafe offers a lot for cloud computing, although the company's solutions are by no means limited to cloud environments. The company's promises include data security, data integrity, data protection, availability, multi-site performance and scalability. Note that these six items become even more important as the size of a customer's storage environment increases. That requires more hard disks and even though each individual drive has a relative high availability, collectively, failures will inevitably happen.

Let's see what Cleversafe does. First, it transforms data into "slices" by using equations such that a subset of the slices can be used to transform themselves back to the original data, but an individual slice by itself is useless to an attacker or thief. A different number of slices can be selected, which is called width. For discussion purposes, let's select a width of 32 slices. Each slice can be distributed to a different storage device. The slices are created using mathematical equations and information dispersion algorithms. The data is recoverable if, and only if, any of a threshold minimum of slices can be retrieved. For example, with a width of 32 slices, 24 may be configured as the threshold minimum. Note that in a cloud environment the data can be distributed to a number of different physical locations. Eight data locations might be a bit much to manage, but four should be feasible.

There are a number of important (and in some instances, startling) conclusions that can be drawn from Cleversafe's methodology. First, around data privacy, no data breach occurs if the unauthorized access of slices is below the threshold; that means that a disclosure statement would not be required. As for data integrity, as long as a threshold number of slices are available, the end result of Cleversafe's data retrieval is that it is always bit perfect; such things as bit errors, physical read and write errors, malicious data tampering, and accidental data corruption cannot destroy the accuracy of the data.

In addition, data is always available; routine maintenance operations at one location of the system cannot affect overall availability (for example, there is zero disruption for upgrades) nor can drive, location, server and connection failures affect availability. With a 32-width, 24-threshold configuration, up to eight simultaneous failures or outages can be tolerated.

Cleversafe also meets strong data protection storage requirements. The redundancy required to protect data can be 33 percent for a 32-width, 24-threshold environment; that means if someone wants to protect 1PByte of data, only a mere 1.33PBytes of data is required. This is sufficient to protect against eight simultaneous storage device failures, or  against a whole location failure (assuming four sites are used). Contrast that requirement to other approaches including standard RAID and replication solutions (which are not sufficient for Pbyte-size environments); according to Cleversafe, standard RAID can require 3.5 times the number of bits of the original data (and that seems to be a fair assessment); think of all the equipment, administration and "green" energy savings.

Cleversafe's method also has compelling privacy implications. That's because slices aren't just a portion of the data. Slices are created from mathematical equations that transform the data into incomprehensible bits and bytes. Each slice alone has no information. No useful information, such as personally identifiable information (PII), can be recovered from any less than the threshold number of slices, so any privacy requirements should be met.

Cleversafe calls its approach "secret sharing" as contrasted to secret key encryption. While its approach is not the same as traditional encryption, is it still encryption? The answer is yes. One definition of encryption is that it is to encipher. One definition of cipher is that it is a secret method of writing. The Cleversafe approach certainly qualifies. In fact, while traditional encryption requires only one breach to gain access to the key to decrypt data, secret sharing requires the threshold number of breaches -- in our example 24 -- to recreate the data. So Cleversafe provides a solution that qualifies as encryption, but the efforts to attack the data are extremely difficult when compared to traditional encryption. The recent Commonwealth of Massachusetts PII-related law does not care what type of encryption is used as long as it is encryption. And Cleversafe certainly qualifies.

The other legal issue is chain of custody, which is necessary to ensure data is valid for use in civil litigation. Cleversafe interoperates with external access control mechanisms that meet an organization's security standards, such as for litigation holds. As for malicious tampering (such as attempts to corrupt data through hacking and thereby render the data useless for legal purposes), Cleversafe has a strong solution for guaranteeing the bit-integrity of data. Their integrity check approach ensures that data that is originally written by an authorized user can be proven as the data that is returned because the data-level integrity check must be valid in order to retrieve the data.

Although Cleversafe supports blocks and files (the traditional ways to access data), in the main the company focuses on object-based storage. Since it does not use a file system, what might have been called files are called objects. Objects can be kept in what is called an object store and can be accessed directly by an application (as long as it knows the ID of the object) without first having to go through a file interface.

This has a couple of significant benefits, including no limit on concurrent readers and writers (thus creating a true shared access model). It also enables performance and capacity scaling independently without limits. This approach works best with digital content, such as might be found in cloud storage systems, massive digital archives, or in distributed content and collaboration.

Although there may be exceptions, Cleversafe's approach is not aimed at structured data, such as databases, that use blocks for transaction processing or semi-structured data that can be searched on, such as e-mails and word processing documents where a file system is useful for dealing with large numbers of relatively smaller files. Moreover, Cleversafe feels that the lower limit of its approach is about 50TBytes, so it is definitely not for the lower end of the market, though it could prove of interest to many mid-sized businesses.

Even though the Cleversafe approach is not for everyone, it shows the way to obtain a high level of protection against data breaches while keeping the level of redundancy for data protection purposes at a very low level. Customers should look very closely at all the ways that Cleversafe can provide a very sound solution for either a public or private cloud.

Overall, the discussion of where block, file, and, now, object-based storage each best play a role has to be revisited by the vendors. The benefits that Cleversafe offers to its object-based storage customers (including data breach protection) are simply too attractive to leave to object-based digital content. Whether it is technically feasible will have to be left up to the experts, but it is definitely worth thinking about. At the date of posting, Cleversafe is not a client of the Mesabi Group or David Hill.

Related Reading

More cloud-storage Insights