In my previous blog I discussed the evolution from public, consumer-oriented file sync and share cloud-based technologies to secure and flexible on-premise clouds. I closed the blog by pointing out that the second generation cloud file sync and share technologies has one problem: collaboration across clouds is hard. In this blog, I will share my vision on how to solve this: cloud federation. I will save some of the technical details for a third blog about this subject.
The idea of federated file sync and share services is that everyone can use their local, on-premise service so that they benefit from all the advantages that were mentioned above. But additionally these solutions are capable of communicating with each other across servers and organizations.
You can think about this in a similar way to how email works. Everyone who wants to, can have their own local email server to benefit from all of the storage, speed and security advantages. Others might use a big hosted service like Hotmail or Gmail. But it doesn’t matter if they have their own mail server or if they use email hosted by a provider; everyone can exchange, send and read email no matter where it comes from.
The idea of a federated file sync and share service is similar.
Enterprises and Universities can provide a file sync and share service with all of the above mentioned benefits. Maybe they even implement some of the Universal File Access concepts so that all kinds of existing data silos are accessible. Users of this service can then share files and folders with users on different servers in different organizations. It doesn’t matter if the other user works in a different university that also allows federated sharing or is running the file sync and share service on a rented server somewhere, or if the user is using a file sync and share service on a home machine or is a customer at a cloud service provider. This is all seamless and, from a user point of view, it looks like everyone is on the same centralized service.
This federated sync and share concept is obviously very powerful because it combines the advantages of centralized consumer services with the benefits of on-premise services. But now the question is whether this mesh network of federated servers will undermine the security benefits that you get from an on-premise service. It is possible that users can now share data with anyone around the world after all.
One organization might decide that they only allow sharing with other organizations that are on an approved white list. Others might require that only approved users are allowed to share. Some might want want sharing allowed only with other users in a specific geographic region. Some of these rules can be implemented with proper server configurations. More advanced rules require the use of a Sharing File Firewall. A firewall-like capability that can evaluate each federated sharing request and block or allow each request based on the user, user group, file, path, file size, IP range, devices, data and time, file type and other parameters at a granular level.
Another important aspect to successfully implement federated sync and sharing is logging and auditing. It is useful that all incoming and outgoing sharing requests and file transfers are logged and stored for auditing. This is required in many industries.
Real world user benefits
So what are concrete use cases for this?
Think of a company which collaborates within a network of partner companies. Maybe the partners deliver parts for a product or some of the engineering or manufacturing is outsourced to a partner company. With a federated cloud file sync and share service it is possible that teams and users in these different companies have shared folders where they can work on documents together. The users can sync this share folder to their desktop or mobile if they want. So these users have a completely seamless way to collaborate. Their files might physically be stored in a Windows Network Share in one company or in the SharePoint of a partner company, but this physical location is invisible to the end user.
Think of a working group at different universities who collaborate on a project. With federated file sync and share they can exchange files even when they are at different places around the world. They might use different SSO systems, home directory mounts or different desktop or mobile operating systems. They can still collaborate as if they are connected to the same NFS or AFS. Or imagine a student who temporarily studies in a different university. With federated cloud file sync and share, this student still has easy access to his data and can collaborate with other students and professors independently of which university they are located in.
Think of a consumer who wants to share vacation pictures with friends and family. It is possible to to do this seamlessly with federated cloud file sync and share, even if it is not clear which operating system or cloud software the friend uses. It is still possible to access the data via a public sharing link instead of connecting as a fully federated folder.
The benefits of a federated file sync and share cloud should be clear by now. At ownCloud, we have been working on this technology and in my next blog I will discuss the technical and architectural details of a federated cloud.