How eEstonia is driving innovation in the cloud

03.08.2012, 16:32

The following column by Mike Gault , CEO of Guardtime Holdings, was published in today's Äripäev.

For ten years I have been asking myself if Estonia is a country where innovation can really happen or did the “Baltic IT revolution” occur simply because of good timing (independence coming post-internet) and necessity.  Now that it has its own legacy systems would eEstonia sit on its laurels, let entrenched interests resist change and slowly but surely slip down the country IT rankings?  The difference between innovation and invention is execution, could eEstonia really re-invent itself throwing out the old in favor of the new?

How Estonia accepts Cloud Computing will be a fascinating test-case, many people are proclaiming it  as the biggest revolution in computing since the invention of the PC. While there is definitely a lot of marketing hype (typical Estonian response: “We’ve been using cloud for 10 years, back then it was called web hosting”) but at its heart lies a revolution in how we think about computing.

In essence cloud computing means three things

Multi-Tenant: This means that multiple disjoint users utilize the same physical infrastructure (network, CPU, memory, disk) owned and managed by someone else. Henry David Thereau once said “A man is rich in proportion to the number of things he can afford to let alone”. This is the idea of cloud computing, as you no longer own the hardware you are free from managing its lifecycle and even to know anything about it.

You don’t need to know how a fan-belt works to drive a car. Why should you need to know about CPU clock speed to make sure your web app can scale to 100M users?

Elastic: You have the ability to provision and de-provision resources automatically without human interference, with essentially unlimited resources available for when you need to scale.

Service Orientated: This means that you consume services (eg storage, network, compute) and you pay for the services you use automatically with the granularity of billing available potentially down to the second.

The good news for eEstonia is that in the field of data security, an area where Estonia has been historically very strong, the Estonian public sector and private companies and working hand in hand inventing new technologies and driving innovation. Given that security is the biggest inhibitor of adoption of cloud computing this means that Estonia has the potential to be at the very forefront of the cloud computing revolution, again setting standards and being the model for other countries to admire.

A recent paper by IDC, entitled Worldwide Cloud Security 2011–2015 Forecast: A Comprehensive Look at the Cloud/Security Ecosystem. IDC’s program vice president for Security Products and Services Chris Christiansen wrote, "Security in general is a major inhibitor to the adoption of cloud computing among enterprises.” Christiansen wasn’t negative about the need for cloud services and security and went on to say that the cloud security factor “presents a large opportunity for vendors of security products to position their solutions as essential components for building both public and private cloud architectures."

Indeed. There will be major disruption ahead and opportunities for startups, research institutions and Government entities to work together to invent and commercialize layers of intellectual property as part of a new security model for the cloud.  Data Security can be sub-divided into three separate components, the so-called CIA of data security Confidentiality (keeping it private), Integrity (preventing it from being modified) and Availability (ensuring access) is currently experiencing tremendous technology innovation and Estonia is active in all three.

Availability is the easiest to understand how a cloud model can deliver better performance over consumers of IT owning their own data centers. Latest database solutions already provide multi-continent, multi data-center storage redundancy and availability seamlessly to the end user. An example is Joyent’s Global Compute Network, a global alliance of telecommunication providers offering cloud services designed with the highest levels of availability. Levira, an Estonian telecommunications provider, 51% owned by the Estonian state recently announced they had selected Joyent’s Smart Data Center software to offer cloud services within Eastern Europe and Scandanavia, This implies that consumers of Levira’s cloud service can seamlessly migrate and backup their IT resources to other providers in the Global Compute Network providing the very highest levels of availability for disaster recovery.

Integrity, possibly the least understood of the three, is Estonian startup Guardtime’s raison d’etre. Banks, Telecommunication Providers and Governments around the world are adopting Guardtime’s Keyless Signature Infrastructure (KSI), integrating the technology deeply into their data centers, ensuring that every system event and object modification is linked together in a causal chain providing independently verifiable proof of integrity to the end user (and additionally to regulators and auditors).

Confidentiality is possibly the biggest concern to adopt a fully cloud model. Yet here too there is tremendous innovation. Since IBM's Craig Gentry announced the possibility of Fully Homomorphic Encryption (FHE) there has been intense research in the academic community to build something practical. FHE implies that you can store encrypted data and run applications on that encrypted data in the cloud, decrypting the result locally only when an authenticated end user needs to view it, thereby removing any possibility of the cloud operator or outside attacker breaching the confidentiality of the data whilst it is in the cloud. Estonia has a long history of excellence in this field. Senior researcher Helger Lipmaa from the University of Tartu is a leading authority in data privacy and has been pioneering research in efficient cryptographic protocols with immediate applications in cloud computing. Cybernetica, an Estonian research center known for its fundamental innovation was recently awarded a contract from DARPA the US defense research agency to work on a project to allow multiple parties to share information in the cloud with complete confidentiality.

Estonian innovation is not limited to the private sector. Jason Hoffman, CTO of Joyent, one of the world’s leading cloud vendors, second only to Amazon Web Services in Infrastructure as a Service (IAAS), recently visited Estonia and participated in a round-table discussion on cloud computing with Estonian Minister of Economic Affairs Juhan Parts. During the discussion an idea was raised that Estonia could legislate the concept of a “data port”. A data port being a data center (or rack of servers in that data center) that is subject to the laws of a different country to the one where the data center is physical located eg a US company could use Estonia for cloud backup service but still comply with US data residency requirements.