At MaidSafe we talk about the SAFE Network being ‘autonomous’, but what does that really mean? The phrase is something that we are becoming more familiar with, as we hear talk of autonomous vehicles and autonomous robots; as such we probably have a grasp of the underlying concept that autonomous machines do things for themselves. But how does this relate to data and why should we even care?
In simple terms it defines a network that manages all our data and communications without any human intervention and without intermediaries. In an autonomous data network humans take on a new role, we become the definer of rules and protocols that instruct the network on how to manage our data.
The SAFE Network
In practical terms, an autonomous data network is one that configures itself. All data on the network is automatically split into chunks and encrypted (utilising self-encryption) before being stored at random locations selected by the network. Resources are not added to it by an IT administrator; instead nodes join the network anonymously, and are split into small groups at random without any central authority. Each node performs a number of different and clearly defined tasks. These groups, we call them close groups, change as nodes disconnect from and reconnect to the network. They work together making decisions (such as where to store data, who has authority to access data…etc…) on behalf of the network based on the messages they receive. The more technically minded can read in depth about that here.
The network also optimises itself by creating more copies of popular data increasing its availability in order that data requests are served more quickly. This feature also enables SAFE websites to actually speed up as they get more visitors. This is very much contrary to the status quo where we have become accustomed to websites slowing down, or even crashing in severe circumstances under the weight of user requests. Should the network split for any reason, for example through loss of power, it will merge as power is restored, and it will correct faults, such as detecting corrupt data chunks and automatically replacing them with good copies as a result of the networks ongoing data integrity checks.
Remove the middlemen
This design sounds complex, and at the implementation level it is, the dark bags under the eyes of our engineers are testament to that fact, but at a high level it is simple. An approach inspired by the humble ant whose millions of years of evolution influenced the network’s design. Ant colonies exhibit complex and highly organised behaviour without a central authority based on a simple rule set whereby each ant fulfils different duties based on the needs of the colony. Similarly, nodes (computers) on the SAFE Network function in a similar manner where network nodes perform different functions based on the types of messages they receive.
The ant colony shows us that this self managing and self organising behaviour is possible on a massive scale. But why should we try and emulate ants and remove central authorities from the management of our data? Surely for something as important as this, humans are required to oversee operations?
Well, for a start humans are, well human. At our best we are creative, brilliant and passionate, but at our worst we get tired, emotional and we make mistakes. Many data breaches are caused by human error and attackers rely on human interaction to carry out attacks. Researchers at security company Rapid7 found a substantial decline in security alerts on weekends and public holidays which they attribute to less employees interacting with malicious emails, attachments, links and websites. This is in part a result of a lack of training and awareness, only 20% of companies provide cyber security training to their staff, and only 33% have formal policies in place to guide employees.
Human error has also played a significant part in problems with Silicon Valley’s best known companies. In 2011, developers at cloud storage provider Dropbox introduced a bug that left their 25 million client accounts unprotected for 4 hours. Dropbox were subsequently alerted to the problem by an external security researcher and fixed the authentication issue.
Late last year Twitter deleted the account of their CEO Jack Dorsey who lost 700,000 followers in the process citing an ‘internal mistake. Around the same time Facebook deleted posts addressing fake news by their CEO Mark Zuckerberg in error.
While the irony of these incidents can be amusing, they do expose a more serious issue. Not only are humans prone to mistakes, it also highlights that we are afforded access to our accounts and our data by the service providers. We do not really own our information in the true sense of the word. Access to our own data can be removed at any time by the providers either mistakenly or at the request of others.
Physical security plays a hugely important part in all of this. This is one of the major features that an autonomous data networks provides. In data terms, physical security is where the data cannot be: deleted, changed, corrupted, and/or accessed without your (the data owner’s) consent. Only by removing humans from the management of our data can physical security be provided, and is only possible when the storage locations are unknown to anyone but the network, and the user cannot be identified.
Any service where data is stored on servers, federated servers, owned storage locations, or on identifiable nodes, cannot ensure the security of data and brings us no closer to real unfettered ownership of our data. This also includes blockchain based solutions.
The SAFE Network provides physical security by ensuring that only the network knows where the data is and only the user can access it. Even MaidSafe staff don’t know who is on the network, where they are based, what has been stored and where the data is located. SAFE users make a deal with the network and only the data owner can delete or modify the original piece of data with the network verifying who has the right to access each piece of data.
Autonomous things are already starting to have a huge benefit across a number of industries and we are just scratching the surface in finding out how they can positively impact upon our relationship with our data. Rather than making data more secure, the human element unfortunately has the opposite effect and can lead to data loss, theft, inaccessibility and a fundamental lack of ownership.