Akamai Applies for Mobile Security and Sensitive Data Handling Patents
In July 2015, the CEO of Akamai, Tom Leighton, applied for a patent titled “Method and system for handling sensitive data in a content delivery network.” This publication outlines a process by which a CDN such as Akamai could process transactions involving customer’s credit card numbers and payment information.
Currently, a customer shops on a website that is delivered to them via a CDN like Akamai, but when a customer goes to “check out” from their online shopping cart, the CDN is not involved in the actual processing of the sensitive information such as credit card information. When this data transfer occurs, the web page is actually delivered from the origin server, not from the CDN. This patent aims to change that dynamic by patenting the use of SSL and other secure links to handle this phase of the data transfer as well as all other aspects previously handled by the CDN.
The “sensitive data” that Akamai is referring to in this patent is not only credit card information for online shopping, though this is a huge and rapidly growing industry. The patent also broadens the scope of this information to include “information (such as personally identifiable information (PII)), health care information (such as HIPAA-related data), finance information (such as GLBA-related data), other confidential information.” As electronic medical records and the Internet of Things becomes the norm, Akamai does want to be left out of these opportunities for content delivery.
Akamai second patent filed in November 2015 seems to be in a similar vein to the “sensitive information” patent, but addresses mobile content delivery and security. The “Distributed computing service platform for mobile network traffic” patent outlines added platform resources such as deep packet inspection, transcoding, etc. which can be used to create an encrypted channel between a mobile device “through the mobile network, e.g., using content provider key and certificate information available to the platform.”
This patent also utilizes the SSL/TSL links mentioned in the previous patent. Akamai, a leader in content delivery, aims to secure its importance in every aspect of content delivery, whether it is transaction data information transfer or mobile content delivery and mobile secure data transfer. As mobile devices become the preferred devices on which users connect throughout the world and the mobile market grows exponentially, Akamai is trying to keep ahead of and be a leader in the evolving market.
Google Releases Details on the Borg and What It Has Learned From 10 Years of Operation
Google has released a paper detailing the operations and structure of its orchestration cluster manager software, Borg, which has controlled its data centers and applications for more than ten years. Borg has remained a well-kept secret and is believed to have played a large role in Google’s rapid expansion throughout the last decade.
Because Borg does not require different clusters for different applications, but instead managed clusters to operate any software at any time, sending tasks wherever computing power was available, some believe that Borg’s cluster management has saved Google the building of an entire other data center. This paper illuminates many of the details on Borg as well as what Google has learned during its operation. It also hints at its next big player in the orchestration game, Omega.
Borg was created to be highly reliable and available while performing resource management behind the scenes and running workloads across tens of thousands of machines so that users could focus intently on high-level application development. Since Borg’s inception, there have been many other developers that have created Borg-like cluster managers (Apache Mesos, Facebook Tupperware), and Google has added components such as Kubernetes, which automatically adds or deletes resources in a container. Google’s Omega aims to improve upon and alter several aspects of Borg while incorporating new technological advances.
As seen in their Kubernetes software, “jobs” will not be the only grouping mechanism for tasks in Omega, but label queries can be used to provide flexibility in naming and structuring. Additionally, Omega will no longer assign one IP address per machine, and a port will simply be requested, eliminating some infrastructure complexity. Finally, Omega will aim to optimize all users and applications, instead of focusing primarily on high power users.
Borg did teach Google the importance of allocs (allocations, or pods in Kubernetes), which groups containers that are always scheduled together onto the same machine to share resources. From the successes of Borg, Omega will be sure to focus on cluster management over task management when load-balancing, will continue to allow users to “self-help” when debugging is needed and will maintain an API server at the core of a Google’s distributed system to process requests and manipulate underlying state objects.