Más contenido relacionado La actualidad más candente (20) Similar a What is tokenization in blockchain - BCS London (20) What is tokenization in blockchain - BCS London2. Copyright ©Protegrity Corp.Copyright ©Protegrity Corp. | Protegrity Confidential
2
• Chief Security Strategist,
Protegrity
• Chief Technology Officer at
Protegrity, Atlantic BT, and
Compliance Engineering
• Head of Innovation at
TokenEx
• IT Architect, IBM
Ulf Mattsson
• Develop Industry Standards
• Inventor of more than 70 issued US Patents
• Products and Services:
• Data Encryption, Tokenization, and Data
Discovery,
• Cloud Application Security Brokers (CASB)
and Web Application Firewalls (WAF)
• Security Operation Center (SOC) and
Managed Security Services (MSSP)
• Robotics and Applications
Dec 2019
May 2020
Tokenization Management and
Security
Cloud Management and Security
Jan 2021
May 2020
Cloud Security
Alliance (CSA)
Payment Card Industry (PCI)
Security Standards Council (SSC):
• Tokenization Task Force
• Encryption Task Force
• Risk Assessment SIG
• Cloud SIG
3. Copyright ©Protegrity Corp.
Copyright ©Protegrity Corp. | Protegrity Confidential
3
Agenda
• Blockchain
• What is Blockchain?
• Use cases, trends and risks
• Vendors and platforms
• Data protection techniques and scalability
• Tokenization
• Digital business
• Convert a digital value into a digital token
• Local and central models
• Cloud
• Tokenization in Hybrid cloud
6. 6Copyright ©Protegrity Corp. | Protegrity Confidential
6
Source: Gartner
Blockchain has five elements
1. Distribution: Blockchain participants are
located physically apart from each other
and are connected on a network
2. Encryption: Blockchain uses technologies
such as public and private keys to record
the data in the blocks securely and semi-
anonymously
3. Immutability: Completed transactions are
cryptographically signed, time-stamped
and sequentially added to the ledger
4. Tokenization: Transactions and other
interactions in a blockchain involve the
secure exchange of value
5. Decentralization: Both network
information and the rules for how the
network operates are maintained by nodes
on the distributed network due to a
consensus mechanism
7. 7Copyright ©Protegrity Corp. | Protegrity Confidential
7
Blockchain
Strengths,
Weaknesses,
Opportunities
and
Threats
(SWOT)
Source: Gartner
10. 10Copyright ©Protegrity Corp. | Protegrity Confidential
10
Computer
world
Example of startups implementing distributed ledger technology software, 2019
14. 14Copyright ©Protegrity Corp. | Protegrity Confidential
14
Enterprise Blockchain platforms
Amazon Hyperledger Fabric
Ant Financial Ant Blockchain Technology, Hyperledger
Anthem Hyperledger Fabric
Aon R3 Corda
Baidu Hyperledger Fabric—
Bitfury Bitcoin, Exonum
BMW Hyperledger Fabric, Ethereum, Quorum,
Broadridge Hyperledger Fabric, Quorum, Corda, DA
Cargill Hyperledger Sawtooth, Hyperledger Grid
China Construction Bank Hyperchain, Hyperledger Fabric
Citigroup Axcore, Symbiont Assembly, Quorum
Coinbase Bitcoin, ethereum, XRP and 24 others
Credit Suisse Corda, Paxos
Daimler Hyperledger, Corda, Ethereum
De Beers Ethereum
Depository Trust & Clearing Corporation (DTCC) Axcore
Dole Foods IBM Blockchain, Hyperledger Fabric—
Facebook Hotstuff
Figure Hyperledger Fabric
Foxconn Ethereum
General Electric Microsoft Azure, Corda, Quorum, Hyper
Google Chainlink, Bitcoin, Ethereum, Bitcoin Cas
Honeywell Hyperledger Fabric
HSBC Ethereum, Corda, Hyperledger Fabric
Enterprise
IBM
ING Group
Intercontinental Exchange
JPMorgan
LVMH
Mastercard
Microsoft
Nasdaq
National Settlement Depository
Nestlé
Optum
Overstock
Ripple
Royal Dutch Shell
Samsung
Santander
Signature Bank
Silvergate Bank
Square
Tencent
T-Mobile
UBS
United Nations
Vanguard
VMware
Walmart
Examples Using
Blockchain
50 Enterprises:
5 Logistics:
Forbes
Computerworld
15. 15Copyright ©Protegrity Corp. | Protegrity Confidential
15
Major Blockchain platforms
used by Enterprises
Forbes
ssembly DAML Axcore
Stell
ar
Burr
ow
Sovri
n
Trust
SQL
MS IBM Waves
XR
P
NX
T
Nextl
edger
Ravencoi
n
Flori
n
XRP
Chain
link
Dash
Doge
coin
Hotstuf
f
Tezo
s
Hyperc
hain
Zcas
h
Ant
Litec
oin
Other
3 3 2 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 45
Platform Hyperledger Ethereum Corda Bitcoin Quorum Assembly DAML Axcore
Stell
ar
Burr
ow
Sovri
n
Trust
SQL
MS IBM Waves
Enterprise
customers
27 24 9 9 6 3 3 2 1 1 1 1 1 1 1
Platform Hyperledger Ethereum Corda Bitcoin
Enterprise
customers
27 24 9 9
a 1 1
b 1 1
c
d
e 1
f 1
g 1 1
h 1 1 1
i 1 1
j 1 1
k 1
l 1 1
m
n 1 1 1
o 1
p 1
q 1
r 1
s 1
t 1
u 1 1 1
v 1 1 1
• Hyperledger – extendable, various industries
• Ethereum - independent of specific field
• Corda - financial service industry
16. 16Copyright ©Protegrity Corp. | Protegrity Confidential
16
Major
Blockchain
platforms
Source: https://medium.com/@philippsandner/comparison-of-ethereum-hyperledger-fabric-and-corda-21c1bb9442f6
17. 17Copyright ©Protegrity Corp. | Protegrity Confidential
17
Gartner and springer.com
A secure and extensible blockchain-based data provenance framework
18. 18Copyright ©Protegrity Corp. | Protegrity Confidential
18
Blockchain Use Cases
1. Asset Tracking. These use cases cover the tracking of physical assets through the supply chain to identify
location and ownership accurately.
2. Claims. This category covers automated claims processing in areas such as auto mobile, agriculture, travel,
and life and health insurance.
3. Identity Management/Know Your Client (KYC). This category covers uses where records must be securely
tied to an individual.
4. Internal Record Keeping. In these use cases, the data to be secured remains within an individual
organization.
5. Loyalty and Reward. This category includes use cases for tracking loyalty points
6. Payment/Settlement. Use cases in this category involve a payment between parties, or settlement of a
trade.
7. Provenance. Similar to the asset-tracking use case, this covers recording the movement of assets, but the
aim is to show the full history and ownership of the asset, rather than its location.
8. Shared Record Keeping. This category includes use cases where data needs to be shared securely between
multiple participants.
9. Smart Cities/the IoT. This group includes use cases that use blockchain to provide data tracking and to
control functions for smart spaces or IoT solutions.
10. Trade Finance. These use cases aim to streamline the process of financing trades, including managing letters
of credit, simplifying trade finance and facilitating cross-border trade.
11. Trading. Use cases in this group aim to improve the process for buying and selling assets, including dealing in
derivatives, trading of private equity and sports trading.
Gartner
20. 20Copyright ©Protegrity Corp. | Protegrity Confidential
20
Gartner
Blockchain has the potential to reshape industries
Enabling trust, providing transparency and enabling value exchange across
business ecosystems
— potentially lowering costs, reducing transaction settlement times and improving cash flow.
• Assets can be traced to their origin, significantly reducing the opportunities for substitutions with
counterfeit goods.
• Asset tracking also has value in other areas, such as tracing food across a supply chain to more easily
identify the origin of contamination or tracking individual parts to assist in product recalls.
• Another area in which blockchain has potential is identity management.
• Smart contracts can be programmed into the blockchain where events can trigger actions;
• Example, payment is released when goods are received.
23. 23Copyright ©Protegrity Corp. | Protegrity Confidential
23
Gartner, 2020
Seven enterprise blockchain project mistakes
1. Misusing or misunderstanding blockchain technology
Gartner states that the vast majority of projects focus on recording data. Many fail to use major capabilities such as decentralized consensus,
smart contracts and tokenization.
2. Assuming technology is more mature than it is
Some corporates believe blockchain technology is ready for production use, even though many platforms are still immature for large-scale
production. Gartner expects this will change within the next few years.
3. Confusing a protocol with a business solution
A protocol is the underlying technology such as Hyperledger Fabric of R3’s Corda and is invariably applicable to several industries.
4. Viewing blockchain as a database
Databases are capable of creating, reading, updating and deleting data. Not so with blockchains.
5. Assuming that interoperability standards exist
Although some platforms talk about interoperability, Gartner finds it challenging to envision interoperability when all the protocols are evolving
quickly.
6. Assuming smart contract technology is a solved problem
Smart contracts don’t just execute code on a single system. Instead, they are run by all nodes on a blockchain.
7. Ignoring governance issues
In private or permissioned blockchain governance is usually by the owner or contractual. While challenging, the problem is far bigger for public
blockchains.
26. Copyright ©Protegrity Corp.
Copyright ©Protegrity Corp. | Protegrity Confidential
26
If there is a Picasso’s painting valued
at $50 million, it can be tokenized.
• The same applies to gold and
diamonds.
Company stocks are more
complicated because in most
jurisdictions it is prohibited to sell
fractional parts of company shares.
• Bankex — “Bankex provides the universal solution which can transform different asset classes to a digital
system/field/economy/area providing it with liquidity, flexibility, and safety for asset owners and investors
like never before”
• Maecenas — “Maecenas is a new online marketplace promises to give art lovers the chance to buy shares
in famous paintings.[The Telegraph]”
• LaToken — “LATOKEN’s mission is to make capital markets and trading available 24/7 T+0, with a broader
range of asset classes. We aim to facilitate capital reallocation into promising businesses, which will foster
job creation with higher productivity.”
Transform different asset classes
27. 27Copyright ©Protegrity Corp. | Protegrity Confidential
27
Tokenization in
real estate
• Suppose there is a $200,000
apartment
• Tokenization can transform this
apartment into 200,000 tokens
• Thus, each token represents a
0.0005% share of the underlying asset
• Finally, we issue the token on some
sort of a platform supporting smart
contracts
• For example on Ethereum,
• The tokens can be freely bought and
sold on different exchanges
• Imagine you want to invest in real estate, but your initial
investment is modest — say $5,000.
• Perhaps you want to start small and increase your investment
gradually.
You are not becoming a legal owner of the property. However, because Blockchain is a public ledger that is immutable, it
ensures that once you buy tokens, nobody can “erase” your ownership even if it is not registered in a government-run registry.
28. 28Copyright ©Protegrity Corp. | Protegrity Confidential
28
What happens if a company that
handles tokenization sells the
property?
• Token owners just own tokens.
• They have no legal rights on the
property and thus are not
protected by the law.
• Therefore, legal changes are
needed to accommodate these
new business models.
A problem is that this system brings us back some sort of centralization.
• The whole idea of Blockchain and especially smart contracts is to create a trustless environment.
• While this is possible to achieve when tokenizing digital assets, with real world, physical assets, this is not the case.
• Therefore, we have to accept a certain dose of centralization.
Legislation and centralization
31. 31Copyright ©Protegrity Corp. | Protegrity Confidential
31
Blockchain Plans
Q: What are your organization’s plans
in terms of blockchain?
2019 Gartner CIO Survey:
• 60% of CIOs expect some
kind of blockchain
deployment in the next
three years.
• Deployed blockchain or plan
to deploy it in the next 12
months,
1. financial services (18%)
2. services (17%)
3. transportation (16%)
34. 34Copyright ©Protegrity Corp. | Protegrity Confidential
34
Centralized vs. Decentralized Identity
YOU
ACCOUNT
ORG
STANDARDS:
#2 Third-Party IDP (Federated) Identity
YOU
ACCOUNT
ORGIDP
#3 Self-Sovereign Identity (SSI)
YOU
CONNECTION
PEER
DISTRIBUTED LEDGER (BLOCKCHAIN)
#1 Siloed (Centralized)
Identity
35. 35Copyright ©Protegrity Corp. | Protegrity Confidential
35
• By 2023, blockchain will be scalable technically,
and will support trusted private transactions with
the necessary data confidentiality.
• Over time, permissioned blockchains will integrate
with public blockchains.
• Blockchain adds little value unless it is part of a
network that exchanges information and value.
• The network collaboration challenges have initially
driven organizations to turn to consortia to derive
the most immediate value from blockchain.
• Four types of consortia exist:
• technology-centric; geographically centric; industry
centric and process-centric.
Source: Gartner
Blockchain Will Be Scalable by 2023
Blockchain remains immature for enterprise deployments due to a range
of technical issues including poor scalability and interoperability.
Scalability
Roadmap
37. 37Copyright ©Protegrity Corp. | Protegrity Confidential
37
Source: IBM
Blockchains can be private or public
Is Blockchain impossible to hack?
40. 40Copyright ©Protegrity Corp. | Protegrity Confidential
40
Shared
responsibili
ties across
cloud
service
models
Data Protection for Multi-cloud
Payment
Application
Payment
Network
Payment
Data
Policy,
tokenization,
encryption
and keys
Gateway
Call Center
Application
PI* Data
Tokenization
Salesforce
Analytics
Application
Differential Privacy (DP),
K-anonymity model
PI* Data
Microsoft
Election
Guard
developm
ent kit
Election
Data
Homomorphic
Encryption (HE)
Data
Warehouse
PI* Data
Vault-less tokenization (VLT)
Use-cases of some data privacy techniques
Voting
Application
*: PI Data (Personal information) means information that identifies, relates to, describes, is capable of being associated with, or
could reasonably be linked, directly or indirectly, with a consumer or household according to CCPA
Dev/test
Systems
Masking
PI* Data
41. 41Copyright ©Protegrity Corp. | Protegrity Confidential
41
Field Privacy Action (PA) PA Config
Variant Twin
Output
Gender Pseudonymise AD-lks75HF9aLKSa
Pseudonymization
Generalization
Field Privacy Action (PA) PA Config
Variant Twin
Output
Age Integer Range Bin
Step 10 +
Pseud.
Age_KXYC
Age Integer Range Bin
Custom
Steps
18-25
Aggregation/Binning
Field Privacy Action (PA) PA Config
Variant Twin
Output
Balance Nearest Unit Value Thousand 94000
Rounding
Generalization
Source data:
Output data:
Last name Balance Age Gender
Folds 93791 23 m
… … … …
Generalization
Source data:
Output data:
Patient Age Gender Region Disease
173965429 57 Female Hamburg Gastric ulcer
Patient Age Gender Region Disease
173965429 >50 Female Germany Gastric ulcer
Generalization
Examples of two data de-
identification use cases
Source: INTERNATIONAL
STANDARD ISO/IEC
20889, Privitar, Anonos
42. 42Copyright ©Protegrity Corp. | Protegrity Confidential
42
Differential
Privacy (DP)
2-way
Format
Preserving
Encryption
(FPE)
Homomorphic
Encryption
(HE)
K-anonymity
modelTokenization
MaskingHashing
1-way
Analytics and Machine Learning (ML)
Algorithmic
Random
Noise
added
Computing
on
encrypted
data
Format
Preserving
Fast Slow Very
slow
Fast
Fast
Format
Preserving
Encryption and Privacy Models
43. 43Copyright ©Protegrity Corp. | Protegrity Confidential
43
Reduction of Pain with Different Protection Techniques
1970 2000 2005 2010
High
Low
Pain
& TCO
Strong Encryption Output:
AES, 3DES
Format Preserving Encryption
DTP, FPE
Vault-based Tokenization
Vaultless Tokenization
Input Value: 3872 3789 1620
3675
!@#$%a^.,mhu7///&*B()_+!
@
8278 2789 2990 2789
8278 2789 2990 2789
Format Preserving
Greatly reduced
Key Management
No Vault
8278 2789 2990 2789
Year
44. 44Copyright ©Protegrity Corp. | Protegrity Confidential
44
Type of
Data
Use
Case
I
Structured
How Should I Secure Regulated Data?
I
Un-structured
Simple –
Complex –
PCI
PHI
PII
Encryption
of Files
Card
Holder
Data
Tokenization
of Fields
Protected
Health
Information
Personally Identifiable Information
45. 45Copyright ©Protegrity Corp. | Protegrity Confidential
45
Examples of Protected Data
Field Real Data Tokenized / Pseudonymized
Name Joe Smith csu wusoj
Address 100 Main Street, Pleasantville, CA 476 srta coetse, cysieondusbak, CA
Date of Birth 12/25/1966 01/02/1966
Telephone 760-278-3389 760-389-2289
E-Mail Address joe.smith@surferdude.org eoe.nwuer@beusorpdqo.org
SSN 076-39-2778 076-28-3390
CC Number 3678 2289 3907 3378 3846 2290 3371 3378
Business URL www.surferdude.com www.sheyinctao.com
Fingerprint Encrypted
Photo Encrypted
X-Ray Encrypted
Healthcare /
Financial
Services
Dr. visits, prescriptions, hospital stays and
discharges, clinical, billing, etc.
Financial Services Consumer Products and
activities
Protection methods can be equally applied
to the actual data, but not needed with de-
identification
46. 46Copyright ©Protegrity Corp. | Protegrity Confidential
46
Access to DataLow High
High -
Low -
I I
Higher Productivity with
More Access to Low-Risk
Data
User Productivity
Risk
Low Risk Tokens
High Risk Clear Data
47. 47Copyright ©Protegrity Corp. | Protegrity Confidential
47
Personally Identifiable Information
(PII) in compliance with the EU Cross
Border Data Protection Laws,
specifically
• Datenschutzgesetz 2000 (DSG
2000) in Austria, and
• Bundesdatenschutzgesetz in
Germany.
This required access to Austrian and
German customer data to be
restricted to only requesters in each
respective country.
• Achieved targeted compliance with
EU Cross Border Data Security laws
• Implemented country-specific data
access restrictions
Data sources
Case Study
A major international bank performed a consolidation of all European operational data sources
48. Copyright ©Protegrity Corp. | Protegrity Confidential
48
ブ
野
ジ
ノ
高
O
ブ
高
ル
Unicode Tokenization Fabric
Ä
z
6
Ü
ß
ä
ß
Ö
c
Japanese exampleGerman / Latin example
IoT
49. 49Copyright ©Protegrity Corp. | Protegrity Confidential
49
10 000 000 -
1 000 000 -
100 000 -
10 000 -
1 000 -
100 -
Transactions per second*
I
Format
Preserving
Encryption
Tokenization Speed
I
Vaultless
Data
Tokenization
I
AES CBC
Encryption
Standard
I
Vault-based
Data
Tokenization
*: Speed will depend on the configuration
50. 50Copyright ©Protegrity Corp. | Protegrity Confidential
50
Different Tokenization Approaches
Property Dynamic Pre-generated
Vault-based Vaultless
51. 51Copyright ©Protegrity Corp. | Protegrity Confidential
51
Risk
Reduction
Source:
INTERNATIONAL
STANDARD ISO/IEC
20889
Transit Use Storage Singling out Linking Inference
Pseudonymization Tokenization
Protects the data flow
from attacks
Yes Yes Yes Yes Direct identifiers No Partially No
Deterministic
encryption
Protects the data when
not used in processing
operations
Yes No Yes Yes All attributes No Partially No
Order-preserving
encryption
Protects the data from
attacks
Partially Partially Partially Yes All attributes No Partially No
Homomorphic
encryption
Protects the data also
when used in processing
operations
Yes Yes Yes Yes All attributes No No No
Masking
Protects the data in
dev/test and analytical
applications
Yes Yes Yes Yes Local identifiers Yes Partially No
Local suppression
Protects the data in
analytical applications
Yes Yes Yes Yes
Identifying
attributes
Partially Partially Partially
Record suppression
Removes the data from
the data set
Yes Yes Yes Yes All attributes Yes Yes Yes
Sampling
Exposes only a subset of
the data for analytical
applications
Partially Partially Partially Yes All attributes Partially Partially Partially
Generalization
Protects the data in
dev/test and analytical
applications
Yes Yes Yes Yes
Identifying
attributes
Partially Partially Partially
Rounding
Protects the data in
dev/test and analytical
applications
Yes Yes Yes Yes
Identifying
attributes
No Partially Partially
Top/bottom coding
Protects the data in
dev/test and analytical
applications
Yes Yes Yes Yes
Identifying
attributes
No Partially Partially
Noise addition
Protects the data in
dev/test and analytical
applications
Yes Yes Yes No
Identifying
attributes
Partially Partially Partially
Permutation
Protects the data in
dev/test and analytical
applications
Yes Yes Yes No
Identifying
attributes
Partially Partially Partially
Micro aggregation
Protects the data in
dev/test and analytical
applications
Yes Yes Yes No All attributes No Partially Partially
Differential privacy
Protects the data in
analytical applications
No Yes Yes No
Identifying
attributes
Yes Yes Partially
K-anonymity
Protects the data in
analytical applications
No Yes Yes Yes Quai identifiers Yes Partially No
Privacy models
Applicable to
types of
attributes
Reduces the risk of
Cryptographic tools
Suppression
Generalization
Technique name
Data
truthfulness
at record
level
Use Case / User Story
Data protected in
Randomization
Technique name
52. Copyright ©Protegrity Corp.
Copyright ©Protegrity Corp. | Protegrity Confidential
52
Data protection techniques: Deployment on-premises, and clouds
Data
Warehouse
Centralized Distributed
On-
premises
Public
Cloud
Private
Cloud
Vault-based tokenization y y
Vault-less tokenization y y y y y y
Format preserving
encryption
y y y y y
Homomorphic encryption y y
Masking y y y y y y
Hashing y y y y y y
Server model y y y y y y
Local model y y y y y y
L-diversity y y y y y y
T-closeness y y y y y y
Privacy enhancing data de-identification
terminology and classification of techniques
De-
identification
techniques
Tokenization
Cryptographic
tools
Suppression
techniques
Formal
privacy
measurement
models
Differential
Privacy
K-anonymity
model
55. 55Copyright ©Protegrity Corp. | Protegrity Confidential
55
Source: Gartner
Source:
Netskope
Current use or plan to use:
Spending by Deployment Model, Digital Commerce Platforms, Worldwide
56. 56Copyright ©Protegrity Corp. | Protegrity Confidential
56
Local Data Security Gateways
Central Security
Manager
• 200 million users
• 160 countries
REST APIREST API
CENTRAL CONTROL (US) – LOCAL DATA
MANAGEMENT
Use Case (Financial Services) - Compliance with cross-border and other regulations
On-premise or
hosted
o
57. 57Copyright ©Protegrity Corp. | Protegrity Confidential
57
A Data Security Gateway can protect sensitive data in Cloud and On-premises
Protected data
U
On-premise
• Policy Enforcement• Encryption Key
58. 58Copyright ©Protegrity Corp. | Protegrity Confidential
58
Protection throughout the lifecycle of data in Hadoop
Tokenizes or encrypts
sensitive data fields
Enterprise
Policies
Privacy policies may be
managed on-prem or
Cloud Platform
• Policy Enforcement Point (PEP)
Protected data fields
U
Separation of Duties
• Encryption Key Management
Big Data Analytics
Data
Producers
Data
Users
Google Cloud
UU
Big Data Protection with Granular Field Level Protection for
Google Cloud
59. 59Copyright ©Protegrity Corp. | Protegrity Confidential
59
Protect data before landing
Enterprise
Policies
Apps using de-identified
data
Sensitive data streams
Enterprise on-
prem
Data lifted to S3 is
protected before use
S3
• Applications can use de-
identified data or data
in the clear based on
policies
• Protection of data in
AWS S3 before landing
in a S3 bucket
Protection of
data in AWS S3
• Policy Enforcement Point
Separation of
Duties
• Encryption Key Management
60. 60Copyright ©Protegrity Corp. | Protegrity Confidential
60
Legal Compliance and Nation-State Attacks
• Many companies have information that is attractive to governments and intelligence services.
• Others worry that litigation may result in a subpoena for all their data.
Securosis
Multi-Cloud Data Privacy considerations
Jurisdiction
• Cloud service providers redundancy is great for resilience, but regulatory concerns arises when moving data
across regions which may have different laws and jurisdictions.
BigID,
61. 61Copyright ©Protegrity Corp. | Protegrity Confidential
61
Securosis
Consistency
• Most firms are quite familiar with their
on-premises encryption and key
management systems, so they often
prefer to leverage the same tool and skills
across multiple clouds.
• Firms often adopt a “best of breed” cloud
approach.
Hybrid Cloud considerations
Trust
• Some customers simply do not trust
their cloud vendors.
Vendor Lock-in and Migration
• A common concern is vendor lock-in,
and an inability to migrate to another
cloud service provider.
Cloud Gateway
Google Cloud AWS Cloud Azure Cloud
S3
Salesforce