Over the years, a large amount of data has been transferred to the cloud, including personal files, photos, files and copyrighted content. The user base of paid and free cloud services continues to grow. According to the data of research and markets, the cloud storage market will grow by about 29.73% every year and reach US $92.5 million by 2020. Companies like Dropbox, Google, Microsoft, box, Amazon and apple are all leaders; Yandex and mail.ru are also major players in Russia.
However, centralized cloud systems have weaknesses. Data is stored in the data center, usually not encrypted, or not encrypted to a high enough level; More importantly, large companies are more vulnerable to human errors. As a result, there is a high risk of information loss or disclosure due to technical errors or malicious purposes of attackers. Even industry leaders are not immune. A widely reported incident occurred in Dropbox in 2011. When there was an error in the access control account, the account on the service can be accessed for hours without a password. In August 2014, private photos of Hollywood stars were put online after icloud and Google hard drives were stolen; According to the investigation, the potential cause of the leak is phishing. The list continues.
Concentration creates another problem. Users depend on managing the organization’s operations and policies. For example, when Amazon cancelled its unlimited plan in June 2017, many enterprises were forced to find new data storage solutions. In addition, service providers can access all stored information and submit it to government departments.
Blockchain based distributed data storage new products provide a way out of this situation. Services such as storj (2014), maidsafe (2014), SIA (2015) and others are based on the popular trend of using spare capacity: at present, the free disk space on ordinary PCs greatly exceeds the resources of existing cloud services. Distributed storage system recommends that users rent unused disk space and receive tokens as rewards. The custodian is directly interested in the integrity of the information, as the loss of data will result in fines.
The system based on distributed ledger technology does not need external rules. All participants are anonymous and have equal rights. Data is no longer stored in one place: files uploaded to the system are divided into blocks and protected with advanced encryption. Only the key holder can access the information. These data blocks are distributed and redundant, so even if several computers fail, the information will not be lost. In addition to technical advantages, decentralized cloud services have another direct benefit: they are more than 10 times cheaper than centralized cloud services.
So what’s wrong with the new direction of data storage? The first is the lack of control over the operation of private devices and the inability to ensure high-speed information transmission. Redundant protection data, but limited to a certain point; Some of them may still be permanently lost due to equipment failure. Secondly, the new and promising distributed ledger technology has not only attracted the interest of developers and investors, but also attracted swindlers. With the development of blockchain, attacks become more and more complex. Attackers not only use standard fraud means (infecting malware, counterfeiting phishing websites, sending service letters) but also have more targeted attacks to find vulnerabilities in system architecture and smart contracts.
A holistic approach to software, hardware, and user level security can significantly reduce the potential risk of data loss or leakage. First, the development of systems and smart contracts can only be entrusted to professionals. At present, only a small part of all the smart contracts in use have passed the audit, and the attackers have a strong motivation: some vulnerabilities, if found, may bring millions of dollars in cryptocurrency compensation. Only encryption experts familiar with various attack types can create reliable product protection.
Second, the devices used for data storage must be monitored. Using professional equipment instead of ordinary personal computers will help to improve the stability and fault tolerance of the system. At the same time, ensure high-speed connection and 24 / 7-hour data access.
Finally, the user level system security can be improved through the following security operations: carefully check the web address in the browser and check the certificate. It is best to save the website in the bookmark, because the fake website address may have only one character, which is different from the real website, and may be higher in the ranking level of search results; Pay attention to the “from” field and do not click the suspicious link in the email; Keep the software updated and use reliable anti-virus software.
The problem of how to achieve reliable and accessible cloud data storage remains unresolved. The future of this field lies in the rapid response of projects when threats appear, and the creation of flexible professional solutions to combine the potential of blockchain, high-quality encryption technology and adaptive infrastructure.