Storage Vendors to Watch: Cleversafe

The second company with buzz at SNW, but not present at the show, wasn't a surprise unlike Gear6, a storage vendor to watch, in my opinion. As Clark wrote earlier, Cleversafe approach of security through obscurity was being considered a shift from traditional approach of encryption where encryption keys are single point of failure for data that need to be stored for a reasonable length of time. As previously mentioned, Cleversafe is one of my favorite new company also.

Paraphrasing below from Cleversafe patent application [11/241,555], Digital Data Storage System, the concept is simply to provide security through information dispersal and integrity through replication and hashing.

A distributed storage system for storing slices of original data on multiple storage devices in one or more locations. The individual data slices on each storage device are unrecognizable and unusable except when combined with data slices from other storage devices. The data slices are selected by information dispersal algorithms so that even if there is a failure of one or more storage devices, the original data can be reconstructed.

The ah ha! moment for me was when an end-user in a session at SNW asked a speaker for the opinion on Cleversafe grid strategy. Earlier, the same end-user had pointed out to me that he has been evaluating solutions based on clustered and distributed file systems. It also reminded me of last startup, I was involved with, where we were trying to utilize unused storage on untrusted and unreliable nodes within an enterprise. Our vision was more along the lines of FarSite than Cleversafe. We often encountered two questions that are primarily addressed by Cleversafe approach.

1. How will you make sure that data stored on untrusted nodes can not be accessed directly by users at that node?


2. How will you make sure that data stored on unreliable nodes is available even though one or more nodes may be offline.
   

I agree with Clark on the clever strategy adopted by Cleversafe to open source the code and look for revenue from service and support. I just can't visualize Cleversafe as a stand-alone product in an enterprise, more like a component of a larger grid based storage service or solution:

• Leverage the inherent data protection available with distributed storage. Why should data first be pushed to a central location in the name of physical consolidation and then pushed out to duplicate in the name of business continuity?


• Leverage the performance scalability with simultaneous transfer from multiple nodes. Why should data be stored on one node and restricted by the bandwidth and performance available at one node when it can be striped across multiple nodes to enable simultaneous transfer?


• Trend of location proximity of data with user. Why should data be anchored at one place when user is becoming more mobile?