Chip to Cloud, day 1: Cloud security panel

A few bits from Helmut Scherzer, from G&D:

  • The digital natives don’t want to escape the Web. We went from visual Web to the social Web, and they will go to the next step with the semantic web, where knowledge is well classified and organized.
  • big companies are very big. The CEO of Toshiba estimatee that it would take them 10 years to build the same computing power than Goole. Quite an advantage. Plus, of course, Google has a lot of your data, and their CEO told that people are waiting for Google to tell them what to do next.
  • Privacy is not absolute. google Street View made a privacy scandal in Germany, but as Audi introduced Street View in cars, people became interested in seeing their home on it. You can buy people beyond privacy.
  • There is http://pleaserobme.com/ service that is really a nice tool to show how people tell everybody that they are far away from home (no, I am not far away, and there is someone at home)
  • Babyboomers wanted to improve the world and own cars, Generation X want to fin themselves and have been used to computers, and digital natives have grown in computers, and this is true in all aspects of their life.
  • The network has become a moral instance, and pressure from social network is increasing. Network is also not forgiving, as everything gets recorded, and this does not look like a good evolution (especially if you don’t conform with the net morals).

He finished with a wish list for the future, from which my favorite item was “security without doing anything for it”.

Next speaker is Peter Hustinx, European Data Protection Supervisor, about making data protection more effective and consistent across EU. Of course, he talks about upcoming new regulations that would address some issues outlined just before.

  • The first one is to put the user in control, with the right to access, remove data, being forgotten, and much more.
  • Next thing is to make providers responsible, with mandatory assessments./li>
  • Effective supervision is required, with more powerful national organizations, and more cooperation between countries
  • Finally, Europe is only one part of setting up a Global Privacy framework, by setting up instruments for adequate protection, and of course, more cooperation, for instance, between the EC and the FTC.

Next speaker is Joerg Borchert, from Infineon and Trusted Computing Group, rapidly presenting the TCG, including the following statement:

  • The cloud means the mix of trust and multi-tenancy, with a root in hardware at the server level.

Final speaker is Detlef Houdeau, from Eurosmart and Infineon, talking about a whitepaper recently deployed on cloud security.

  • Cloud security is a combination of computing security, network security, and information security. Very different points of views.
  • There are many actors around cloud security, both at the European level and at the industry level, but these efforts don’t focus on the cloud issues. Thisleads to risks, such as the lackof EU guidelines.
  • Eurosmart recommends to work on privacy, security, and data protection

Well, this conference leaves me frustrated, as I didn’t get the same impression of consistency as in the first panel. The speakers sounded a bit like everybody is proposing solutions without listening much to the others. Also, I am not convinced that we have done the work of linking the societal aspects of the cloud, as expressed in the first talk, with clear societal objectives. Instead, we are jumping directly to technical proposals. The legal framework may make the link, by defining incentives to develop the “right” technological answers. Still, privacy by design is a nice idea, that we have to make flexible enough to match the lifestyles of our digital natives. We of course want to avoid falling into Big Brother’s arms, but we also have to make sure that we create an environment in which we can be free to share things freely. And that is a challenge.

No Comments

Leave a Reply

Your email is never shared.Required fields are marked *