Cloud storage

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by LaFemmeTech (talk | contribs) at 06:35, 10 December 2012 (→‎Advantages: updated sentence about decision criteria per more recent user and manager surveys about true costs, concerns, and decisions being made about commercial vs. private clouds). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Cloud storage is a model of networked online storage where data is stored in virtualized pools of storage which are generally hosted by third parties. Hosting companies operate large data centers, and people who require their data to be hosted buy or lease storage capacity from them. The data center operators, in the background, virtualize the resources according to the requirements of the customer and expose them as storage pools, which the customers can themselves use to store files or data objects. Physically, the resource may span across multiple servers.

Cloud storage services may be accessed through a web service application programming interface (API), a cloud storage gateway or through a Web-based user interface.

Architecture

Modern-day cloud storage is based on highly virtualized infrastructure and has the same characteristics as cloud computing in terms of agility, scalability, elasticity and multi-tenancy, and is available both off-premise (Amazon EC2) and on-premise (ViON Capacity Services).[1] It is believed to have been invented by Joseph Carl Robnett Licklider in the 1960s.[2] Since the sixties, cloud computing has developed along a number of lines, with Web 2.0 being the most recent evolution. However, since the internet only started to offer significant bandwidth in the nineties, cloud computing for the masses has been something of a late developer.

It is difficult to pin down a canonical definition of cloud storage architecture, but object storage is reasonably analogous. Cloud storage services like OpenStack, cloud storage products like EMC Atmos and Hitachi Cloud Services, and distributed storage research projects like OceanStore[3] are all examples of object storage and imply the following guidelines.

Cloud storage is:[3]

  • made up of many distributed resources, but still acts as one
  • highly fault tolerant through redundancy and distribution of data
  • highly durable through the creation of versioned copies
  • typically eventually consistent with regard to data replicas

Advantages

  • Companies need only pay for the storage they actually use; this is also possible for companies that utilize virtual storage features like thin provisioning.[4]
  • Organizations can choose between off-premise and on-premise cloud storage options, or a mixture of the two, depending on relevant decision criteria that are complementary to the initial direct cost savings potential; for instance, continuity of operations (COOP), disaster recovery (DR), security (PII, HIPAA, SARBOX, IA/CND), and records retention laws, regulations, and policies.[5]
  • Storage maintenance tasks, such as backup, data replication, and purchasing additional storage devices, are offloaded to a service provider, allowing organizations to focus on their core business; however, someone still has to pay for the administrative effort these tasks require.[4]
  • Cloud storage provides users with immediate access to a broad range of resources and applications hosted in the infrastructure of another organization via a web service interface.[6]
  • Cloud storage can be used for copying virtual machine images from the cloud to on-premise locations or to import a virtual machine image from an on-premise location to the cloud image library. In addition, cloud storage can be used to move virtual machine images between user accounts or between data centers.[7]

Potential concerns

Attack surface area

Outsourcing data storage increases the attack surface area.[8] The article referenced does not mention storage, but refers generically to cloud computing.

  1. When data is distributed, it is stored at more locations, increasing the risk of unauthorised physical access to the data. For example, in a cloud-based architecture, data is replicated and moved frequently, so the risk of unauthorised data recovery increases dramatically (e.g. through disposal of old equipment, reuse of drives, or reallocation of storage space). The manner in which data is replicated depends on the service level a customer chooses and on the service provided. Different cloud vendors offer different service levels. The risk of unauthorized access to data can be mitigated through the use of encryption, which can be applied to data as part of the storage service or by on-premises equipment that encrypts data prior to uploading it to the cloud.
  2. The number of people with access to the data who could be compromised (i.e. bribed or coerced) increases dramatically. A single company might have a small team of administrators, network engineers and technicians, but a cloud storage company will have many customers and thousands of servers, and therefore a much larger team of technical staff with physical and electronic access to almost all of the data at the entire facility or perhaps the entire company.[9] Encryption keys that are kept by the service user, as opposed to the service provider, limit the access to data by service provider employees.
  3. It increases the number of networks over which the data travels. Instead of just a local area network (LAN) or storage area network (SAN), data stored on a cloud requires a WAN (wide area network) to connect them both.
  4. By sharing storage and networks with many other users/customers, it is possible for other customers to access your data, sometimes because of human error, faulty equipment or a bug, and sometimes because of criminal intent. This risk applies to all types of storage and not only cloud storage. The risk of having data read during transmission can be mitigated through encryption technology. Encryption in transit protects data as it is being transmitted to and from the cloud service. Encryption at rest protects data that is stored at the service provider. Encrypting data in an on-premises cloud service on-ramp system can provide both kinds of encryption protection.
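
The mitigation named in items 1, 2 and 4 above (data encrypted on-premises with a key the customer keeps) can be sketched in Go; this is an added example, not part of the original article. The function names, the choice of AES-256-GCM, the stored layout and the use of the object name as associated data are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func newAEAD(key []byte) (cipher.AEAD, error) { // AES-GCM over the customer-held key
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal runs on-premises and returns nonce || ciphertext || tag; objectName is associated data.
func Seal(key []byte, objectName string, plaintext []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, []byte(objectName)), nil
}

// Open fails if the blob was altered, moved to another name, or the key is wrong.
func Open(key []byte, objectName string, blob []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	n := aead.NonceSize()
	if len(blob) < n {
		return nil, fmt.Errorf("blob is %d bytes, shorter than the nonce", len(blob))
	}
	return aead.Open(nil, blob[:n], blob[n:], []byte(objectName))
}

func main() {
	key := []byte("constructed-demo-key-32-bytes!!!") // constructed; never hard-code real keys
	blob, _ := Seal(key, "hr/payroll", []byte("constructed sample record"))
	pt, err := Open(key, "hr/payroll", blob)
	fmt.Printf("%d bytes stored, recovered %q, err=%v\n", len(blob), pt, err)
}
```

Because only the output of `Seal` leaves the premises, the same blob is protected in transit and at rest, and provider staff without the key cannot read it or substitute one stored object for another undetected.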

Supplier stability

Companies are not permanent and the services and products they provide can change. Outsourcing data storage to another company needs careful investigation and nothing is ever certain. Contracts set in stone can be worthless when a company ceases to exist or its circumstances change. Companies can...

  1. Go bankrupt.
  2. Expand and change their focus.
  3. Be purchased by other larger companies.
  4. Be purchased by a company headquartered in a country that negates compliance with U.S. Government ITAR.
  5. Suffer an irrecoverable disaster.

Accessibility

  • Performance for outsourced storage is likely to be lower than local storage, depending on how much a customer is willing to spend for WAN bandwidth.[4]
  • Reliability and availability depend on wide area network availability and on the level of precautions taken by the service provider.[citation needed]

Other concerns

  • Security of stored data and data in transit may be a concern when storing sensitive data at a cloud storage provider.[4]
  • Users with specific records-keeping requirements, such as public agencies that must retain electronic records according to statute, may encounter complications with using cloud computing and storage. For instance, the U.S. Department of Defense designated the Defense Information Systems Agency (DISA) to maintain a list of records management products that meet all of the records retention, personally identifiable information (PII), and security (Information Assurance; IA) requirements.[10]
  • Cloud storage is a rich resource for both hackers and national security agencies.[11][12]

Costs

Cloud storage may be cost-efficient for many corporations and small businesses for everyday use, but for the average computer and internet user, the costs of cloud storage may outweigh its benefits. As a result, users have other storage alternatives, such as:

  • Local wired hard drive
  • Local wireless hard drive
  • External USB hard drive

References

  1. "On-premise private cloud storage description, characteristics, and options".
  2. ComputerWeekly article: "A History of Cloud Computing".
  3. S. Rhea, C. Wells, P. Eaton, D. Geels, B. Zhao, H. Weatherspoon, and J. Kubiatowicz, "Maintenance-Free Global Data Storage". IEEE Internet Computing, Vol 5, No 5, September/October 2001, pp 40–49.
  4. ZDNet, "Nasuni Cloud Storage Gateway", by Dan Kusnetzky, June 1, 2010.
  5. Ochs, R. (2012). "The New Decision-Makers". CRN (June 22, 2012). Retrieved on December 10, 2012.
  6. O’Brien, J. A. & Marakas, G. M. (2011). Computer Software. Management Information Systems, 10th ed., 145. McGraw-Hill/Irwin.
  7. Wu C F, Wang Y S, Liu G N, Amies, A, 2012, "Create solutions on IBM SmartCloud Enterprise: Transfer image assets between different accounts", IBM developerWorks, June 6.
  8. http://www.sans.edu/research/security-laboratory/article/did-attack-surface
  9. "US-CERT ICS-TIP-12-146-01 Targeted Cyber Intrusion and Detection Mitigation Strategies" (PDF).
  10. "DoDD 5015.2 DOD Records Management Program, Section 5.1.3" (PDF).
  11. http://www.pcworld.com/article/252209/national_security_agency_pressed_to_reveal_details_on_google_deal.html
  12. http://www.pcworld.com/article/197659/google_ditches_microsofts_windows_over_security_issues_report_claims.html