autotldr@lemmings.world
on 04 Jul 2024 16:05
nextcollapse
🤖 I’m a bot that provides automatic summaries for articles:
Click here to see the summary
The so-called TS Cloud will apparently be “purpose-built for Australia’s Defence and National Intelligence Community agencies to securely host our country’s most sensitive information.”
The cloud is touted as giving Australia the chance to “improve our ability to securely share and analyze our nation’s most classified data at speed and at scale, and provides opportunities to harness leading technologies including artificial intelligence and machine learning.”
We understand that sum will cover the cost of building three dedicated datacenters, and establishing a local subsidiary of Amazon to run them and the cloud.
AWS declined to answer questions about arrangements in place to make this a sovereign cloud and referred us to the deputy PM, Richard Marles, who also serves as defence minister.
We asked his office for info on where the cloud will be housed, who will own the infrastructure, payment arrangements, and whether the job was put to open tender.
This deal won’t change that stance: The Register is aware of government agencies building on-prem private clouds – sometimes on open source platforms – so they can scour code to soothe their security worries.
—
Saved 60% of original text.
unexposedhazard@discuss.tchncs.de
on 04 Jul 2024 16:14
nextcollapse
“Top Secret” <> “AWS”
I can only laugh so much guys, careful.
Recant@beehaw.org
on 04 Jul 2024 16:19
nextcollapse
Well I would think that if the customer, in this case the Australian Signals Directorate, encrypted all data prior to going to AWS, it would be protected from any data mining that Amazon does.
I am sure that the ASD isn’t just posting the information unencrypted on AWS or solely trusting Amazon’s encryption where Amazon also has a copy of the key.
unexposedhazard@discuss.tchncs.de
on 04 Jul 2024 17:02
nextcollapse
Well yes and no.
For one there is lots of metadata like access times, the IPs that connect and their locations, traffic amount, etc.
But also like with all “cloud solutions” you are just outsourcing your uptime reliability issues. And for a system like that, im not sure outsourcing that is a great idea.
Yes that metadata can exist but can’t that be obscured if AWS isn’t connected to directly?
I think some of the technical details of how the ASD intends to ensure data protection/confidentiality/integrity are omitted for national security reasons.
unexposedhazard@discuss.tchncs.de
on 04 Jul 2024 17:26
collapse
It looks like it will be on prem, but then i dont even understand why they would involve amazon at all?
Just use the existing public solutions. As soon as any major part of a system that is connected to the internet has proprietary code in it, you cant really trust it to protect secret information anymore.
DeltaTangoLima@reddrefuge.com
on 05 Jul 2024 06:33
collapse
It’s won’t be on-prem, but it will be dedicated data centres, built and run by Amazon, so almost the same as. Why? Because AWS runs better data centres than the gov ever could.
Gov is outsourcing the physical infrastructure risk, just like any other ocmpany that puts their stuff in the cloud.
FalseMyrmidon@kbin.run
on 04 Jul 2024 22:50
collapse
I'm sure it'll be airgapped and completely separate from the rest of AWS.
MisterD@lemmy.ca
on 04 Jul 2024 22:13
nextcollapse
AWS is an American company.
If the US goes facist, Trump could order Amazon to give him a copy of everything they have in their TS cloud
FalseMyrmidon@kbin.run
on 04 Jul 2024 22:49
collapse
That's why you build it in Australia and only give Australian citizens with appropriate security clearances direct operational access.
FalseMyrmidon@kbin.run
on 04 Jul 2024 22:46
collapse
Rekhyt@beehaw.org
on 04 Jul 2024 16:30
nextcollapse
The register providing contrast to the AWS infrastructure build out:
The Register is aware of government agencies building on-prem private clouds – sometimes on open source platforms – so they can scour code to soothe their security worries.
That’s just a local data center, guys. Like how everything was done before “the cloud” became a buzzword.
progandy@feddit.de
on 04 Jul 2024 16:46
nextcollapse
There is some difference I see in the management layer, with more dynamic resource allocation in a cloud infrastructure compared to traditional data center usage.
conorab@lemmy.conorab.com
on 09 Jul 2024 06:20
collapse
I don’t really see the advantage here besides orchestration tools unless the top secret cloud machines can still share it’s resources with public cloud to recoup costs?
threaded - newest
🤖 I’m a bot that provides automatic summaries for articles:
Click here to see the summary
The so-called TS Cloud will apparently be “purpose-built for Australia’s Defence and National Intelligence Community agencies to securely host our country’s most sensitive information.” The cloud is touted as giving Australia the chance to “improve our ability to securely share and analyze our nation’s most classified data at speed and at scale, and provides opportunities to harness leading technologies including artificial intelligence and machine learning.” We understand that sum will cover the cost of building three dedicated datacenters, and establishing a local subsidiary of Amazon to run them and the cloud. AWS declined to answer questions about arrangements in place to make this a sovereign cloud and referred us to the deputy PM, Richard Marles, who also serves as defence minister. We asked his office for info on where the cloud will be housed, who will own the infrastructure, payment arrangements, and whether the job was put to open tender. This deal won’t change that stance: The Register is aware of government agencies building on-prem private clouds – sometimes on open source platforms – so they can scour code to soothe their security worries. — Saved 60% of original text.
“Top Secret” <> “AWS”
I can only laugh so much guys, careful.
Well I would think that if the customer, in this case the Australian Signals Directorate, encrypted all data prior to going to AWS, it would be protected from any data mining that Amazon does.
I am sure that the ASD isn’t just posting the information unencrypted on AWS or solely trusting Amazon’s encryption where Amazon also has a copy of the key.
Well yes and no. For one there is lots of metadata like access times, the IPs that connect and their locations, traffic amount, etc.
But also like with all “cloud solutions” you are just outsourcing your uptime reliability issues. And for a system like that, im not sure outsourcing that is a great idea.
Yes that metadata can exist but can’t that be obscured if AWS isn’t connected to directly?
I think some of the technical details of how the ASD intends to ensure data protection/confidentiality/integrity are omitted for national security reasons.
It looks like it will be on prem, but then i dont even understand why they would involve amazon at all? Just use the existing public solutions. As soon as any major part of a system that is connected to the internet has proprietary code in it, you cant really trust it to protect secret information anymore.
It’s won’t be on-prem, but it will be dedicated data centres, built and run by Amazon, so almost the same as. Why? Because AWS runs better data centres than the gov ever could.
Gov is outsourcing the physical infrastructure risk, just like any other ocmpany that puts their stuff in the cloud.
I'm sure it'll be airgapped and completely separate from the rest of AWS.
AWS is an American company. If the US goes facist, Trump could order Amazon to give him a copy of everything they have in their TS cloud
That's why you build it in Australia and only give Australian citizens with appropriate security clearances direct operational access.
https://aws.amazon.com/federal/us-intelligence-community/
The register providing contrast to the AWS infrastructure build out:
That’s just a local data center, guys. Like how everything was done before “the cloud” became a buzzword.
There is some difference I see in the management layer, with more dynamic resource allocation in a cloud infrastructure compared to traditional data center usage.
.
AWS literally advertises an isolated “GovCloud” service.
.
Cheers for the laugh mate. It’s funny coz it’s true.
.
I don’t really see the advantage here besides orchestration tools unless the top secret cloud machines can still share it’s resources with public cloud to recoup costs?