To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5...
Transcript of To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5...
![Page 1: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/1.jpg)
ver 2.5 widescreen
To Cloud or Not To. An exploration of the economics of clouds.
radu sion
@ ARO CSW 2013
![Page 2: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/2.jpg)
2 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Feynman Moment
“I have experience only in teaching graduate students […] and as a result […] I know that I don't know how to teach.“ please interrupt and engage!
![Page 3: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/3.jpg)
3 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
The cloud government corporations healthcare
consumers
mobile
computing
storage
knowledge
e-services
“Utility” Computing Transparency Availability Extremely cheap Efficient On-Demand
Online Services Software Platforms Infrastructure Knowledge
global, massive data centers
![Page 4: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/4.jpg)
4 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Clouds v. Grids v. …
+ Control Structure + Illusion of “Unlimited” + No up-front commitment (“pay as you go”) + On-demand + (Very) Short-term allocation + Close to 100% Transparency + Increased Platform Independence + It is actually here and happening!
![Page 5: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/5.jpg)
5 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Buzzword Bandwagon
![Page 6: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/6.jpg)
6 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Flavors
Traditional Outsourcing [(Semi)Private Clouds] ACME Corp. manages servers for XYZ Financials Clouds Amazon EC2, Google Apps, MS Azure Managed servers Un-managed hardware
![Page 7: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/7.jpg)
7 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Should I buy it?
costs vs. benefits
clients
costs technology costs
cost of security etc.
benefits availability
opportunity consolidation
etc. the “cloud”
![Page 8: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/8.jpg)
8 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Core costs of computing
+ Storage ($/MByte/year) + Computing ($/CPU Cycles) + Networking ($/bit)
![Page 9: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/9.jpg)
9 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Reality is way more mundane
Hardware servers, disks, network, racks, power, cooling
Energy power, cooling, infrastructure
People/Service maintenance, development
Space
![Page 10: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/10.jpg)
10 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Size does matter
Home Users (1-10 CPUs) “no” rent/cooling/administration
Small Enterprises (up to 1k)
no custom hardware, low utilization
Mid-size Enterprises (up to 20k) better network service, better utilization
Large/Clouds (50k+)
![Page 11: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/11.jpg)
11 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Clouds
+ Custom hardware + Efficient cooling + Cross-timezone load shifting + High CPU utilization + Preferential network deals + High Power Usage Efficiency (PUE)
![Page 12: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/12.jpg)
12 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Understand cost of CPU cycle
![Page 13: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/13.jpg)
13 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
CPU cycle cost (circa 2009)
1 picocent = 10-14 USD
![Page 14: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/14.jpg)
14 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Consumer clouds today (cca. 2009)
Provider Picocents
Google 0.5 – 2.31
Microsoft 0.7 – 1.96
Amazon 0.93 – 2.36
Rackspace 0.02 – 2.4
![Page 15: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/15.jpg)
15 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Rackspace vs. Amazon (2011)
![Page 16: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/16.jpg)
16 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Amazon RDS (Q4, 2010)
![Page 17: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/17.jpg)
17 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Breakdown
![Page 18: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/18.jpg)
18 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
So: is it worth it?
Mostly yes ...
1 cloud cycle 0.58 picocents
clients
Why ?
1 client cycle 6-27 US picocents
![Page 19: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/19.jpg)
19 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
What about the tubes?
![Page 20: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/20.jpg)
20 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
We are far!
![Page 21: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/21.jpg)
21 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
We are far!
![Page 22: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/22.jpg)
22 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Additional ammunition?
Up to 350 for 3 year lifetime!
![Page 23: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/23.jpg)
23 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Storage capacity over time
![Page 24: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/24.jpg)
24 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
So: should I buy a piece of sky?
… not always.
CPU Cycle 0.58 picocents
1 bit storage/year 5.3-6 picocents
clients
CPU Cycle 6-27 picocents
1 bit storage/year 6 picocents
1 bit network transfer 800-6000 picocents
![Page 25: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/25.jpg)
25 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
So when is it clearly worth it? Q: is the application doing enough
computation work (cheaper) to offset the distance cost to the cloud?
First Principle of Cloud Viability It is not worth outsourcing any task of less than 4000 CPU cycles per transferred 32-bit input.
![Page 26: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/26.jpg)
26 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Why should this hold tomorrow?
Ratio of exponentials is exponential Moore vs. Nielsen
![Page 27: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/27.jpg)
27 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Density (or cycles/$)
![Page 28: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/28.jpg)
28 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Speed
Source: “Gigascale Integration-Challenges and Opportunities”,
Shekhar Borkar, Director, Microprocessor Technology, Intel
![Page 29: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/29.jpg)
29 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Networks
“high end connection speed grows 50% per year”
![Page 30: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/30.jpg)
30 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Liar Liar
![Page 31: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/31.jpg)
31 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
App Owner = Sole Client
CPU Cycle 6-27 picocents CPU Cycle
0.58 picocents
Network >5500 picocents/bit (owner expense)
clients (internal)
app owner
Network very cheap
![Page 32: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/32.jpg)
32 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
But is this the nominal case?
actual question to ask what is the overall application profile?
![Page 33: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/33.jpg)
33 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
App Owner != Client(s)
CPU Cycle 0.58 picocents
client
Network >500 picocents/bit (owner expense)
client client
Network >5000 picocents/bit (owner expense)
CPU Cycle 6-27 picocents
app owner
![Page 34: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/34.jpg)
34 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Insight: we had only partial view!
Second Principle of Cloud Viability “It is almost always worth outsourcing”
![Page 35: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/35.jpg)
35 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Boundary surface of cloud viability
picocents/network bit (cloud)
picocents/CPU cycle (cloud)
application traffic (bits / compute cycle)
Lets fix client-side costs: CPU: 25 picocents/cycle
Network: 3000 picocents/bit
“viable” = anything below this surface
![Page 36: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/36.jpg)
36 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Thus
cloud deployment saves + >4500 picocents per client-to-app traffic bit + tens of picocents per CPU cycle.
![Page 37: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/37.jpg)
37 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Hmmmm? Hmmm …
![Page 38: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/38.jpg)
38 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
But … it seems sooo expensive!!! Computing in cloud 8c/hour = $1.92/day = $700/yr ≡ $2100/3yr Instance utilization is still low! (<12%) Computing “at home” energy = 10c/kWh @ 150W ≡ $394/3yr acquisition = $500 Networking in cloud 5-12c/GB = 582-1397 picocents/bit
![Page 39: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/39.jpg)
39 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Cloud CPU utilization (temp. based)
![Page 40: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/40.jpg)
![Page 41: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/41.jpg)
41 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
What about other goodies?
![Page 42: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/42.jpg)
42 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Crypto costs
![Page 43: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/43.jpg)
43 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Crypto costs
![Page 44: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/44.jpg)
44 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Are clouds more or less secure?
+ Yes + But what is security?!
![Page 45: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/45.jpg)
45 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Trusting stuff …
“behave in the expected manner for
the intended purpose”
![Page 46: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/46.jpg)
46 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Usually the monkey gets you
_____ Voting Machine
online public picture of actual key
![Page 47: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/47.jpg)
47 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Usual suspects
clients
malicious client code isolation, sandboxing, VM
network security ID, SSL, firewalls
![Page 48: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/48.jpg)
48 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Secure Outsourcing
Finance Inc.
proprietary financial models and business logic, sensitive
compliance-governed customer/market data
![Page 49: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/49.jpg)
49 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Ideas government corporations healthcare
consumers
mobile
computing
storage
knowledge
e-services
global, massive data centers
We Want
Data Integrity Query Correctness Data Confidentiality Query Privacy Access Privacy
![Page 50: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/50.jpg)
50 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Diffie Moment
“while it is possible in principle for computation to be done on encrypted data, [...] current techniques would more than undo the economy gained by the outsourcing and show little sign of becoming practical”.
“Whit” Diffie
![Page 51: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/51.jpg)
51 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
So … do they work?
Unfortunately, not!
we don’t know how to practically “secure”
anything more complex that peanut counting.
clients
Why not ?
peanut counting is (too) cheap.
![Page 52: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/52.jpg)
52 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Peanut counting: in cloud vs. local Data Storage 700+ picocents/bit un-amortized extra costs (even in unsecured case!)
PIR (Private Information Retrieval) 2-3 orders of magnitude more expensive
Keyword Searches 4-5 orders of magnitude more expensive
Range Queries 2-3 orders of magnitude costlier even in unsecured case some crypto (signature aggregation) would add another 2+ orders
Simple Aggregators using homomorphisms (e.g., VLDB 2007) – would take 12 days/query for secure parameters
![Page 53: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/53.jpg)
53 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
e.g., storage + data confidentiality
Docs
Practical Techniques for Searches on Encrypted Data D. Song, D. Wagner, and A. Perrig.
Searchable Public Key Encryption D. Boneh, G. Crescenzo, R. Ostrovsky, G.Persiano
Secure Indexes for Searching Efficiently on Encrypted compressed Data E.-J. Goh
Docs
Sequential search
E[kw]
Doc
A few cpu cycles per word
Hundreds of picocents
900 picocents per bit
A few cpu cycles per word
900 picocents per bit
<0.1%
Building index
Decryption cost!
![Page 54: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/54.jpg)
54 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
It’s broken
Existing “secure” data outsourcing mechanisms are 2-5 orders of magnitude more expensive than local execution.
![Page 55: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/55.jpg)
55 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
Brute-forcing 80 bit key?
Oracle costs ~ 1 picocent/bit.
280 x 80 / 2 = 5 x 283 picocents ~ $483.5 billion
for 64 bits … $5 million
![Page 56: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/56.jpg)
56 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
What can you buy with $1 ?
~500,000 2048-bit DSA sigs (in the comfort of your home)
![Page 57: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/57.jpg)
57 March 11, 2013
Economics of Clouds
Stony Brook Network Security and Applied Cryptography Laboratory @ ARO CSW 2013
ACM CCSW 2013 in Berlin
![Page 58: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/58.jpg)
![Page 59: To Cloud or Not To.csis.gmu.edu/albanese/events/march-2013-cloud-security-meeting/0… · ver 2.5 widescreen To Cloud or Not To. An exploration of the economics of clouds. radu sion](https://reader033.fdocuments.in/reader033/viewer/2022052015/602d179ac594625ad532f8e8/html5/thumbnails/59.jpg)