When Giants Stumble: Why Integrous, Interoperable Architecture is the Key to Enterprise Resilience
On Monday, Amazon Web Services went dark worldwide—not from a sophisticated attack, but from DNS resolution failures that rippled through every dependent system.
The irony – that one company’s mistake could take down so much of an internet designed for resilience – is hard to escape. As Inrupt’s VP of Digital Trust & Ethics, Davi Ottenheimer, told the BBC: “The web is… the most distributed network ever created. And Amazon turned it back into a centralized system.”
Beyond pointing out the obvious, Davi’s comments also illuminated the lessons and solutions that Inrupt has developed through our work with major enterprises.
First, he told WIRED what many in the industry are beginning to recognize:
"Today's AWS outage is a classic availability problem, and we need to start seeing it more as data integrity failure... Failures increasingly trace to integrity. Corrupted data, failed validation or, in this case, broken name resolution that poisoned every downstream dependency."
This point about “integrity” – ensuring that a system maintains accuracy and currency – goes beyond the current problems with AWS’s network outages. It’s increasingly vital to organizations that are feeding their data into new AI systems, without a clear understanding of what happens next.
Integrity: The forgotten leg of the CIA triangle
As Davi Ottenheimer and Inrupt’s Chief of Security Architecture, Bruce Schneier, wrote in a recent paper for Communications of the ACM, the evolution of web security has moved from availability (Web 1.0) to confidentiality (Web 2.0) to integrity (Web 3.0).
They write:
In particular, AI systems require robust integrity controls because of how they process data. This means technical controls to ensure data is accurate, that its meaning is preserved as it is processed, that it produces reliable results, and that humans can reliably alter it when it’s wrong. Just as a scientific instrument must be calibrated to measure reality accurately, AI systems need integrity controls that preserve the connection between their data and ground truth.
For organizations integrating AI systems into their mission critical projects, Solid adds integrity controls through:
- Granular access control: Giving users and organizations precise control over who can access what information
- Nuanced authentication: Ensuring data access is properly verified at every step
- Transparent data ownership: Allowing data owners to know how and when their data is used and creating auditable trails of data provenance
- Access standardization: Providing common interfaces and protocols that enable consistent data access while maintaining security and privacy
Together, these controls help protect organizations from the same fate that Amazon is experiencing: a single piece of invalid data is injected into a complex, centralized system with disastrous consequences.
Interoperability: A way out of the stovepipe
Speaking with the BBC, Davi also highlighted an architectural root cause of the AWS outage:
"Right now everything flows in this very vertical stovepipe, which is a single point of failure. And that's what we experienced today. One of them wasn't working and people didn't really have an effective way to get onto a different one."
Thousands of corporate IT teams yesterday probably wished they could quickly, temporarily shift their cloud infrastructure to Google Cloud Platform or Azure while AWS fixed its issues. But of course that option isn’t even in the realm of possibility today.
Modern applications are built on layers of platform services. Storage, authentication systems, compute infrastructure, API gateways — each represents a dependency locked into one vendor’s ecosystem. When that fails, the cascade begins. When the vendor’s ecosystem fails, there's no efficient or effective way to move to a different one. The data, the logic, and the access controls are all trapped in vertical silos.
This is the thorny problem that Bruce Schneier and Barath Raghavan, both eminent figures in the field of security — Schneier as Chief of Security Architecture at Inrupt and Raghavan as a technical advisor – tackled in their 2023 IEEE paper on a new age of “decoupling.”
They wrote:
Here’s the gist. The less someone knows, the less they can put you and your data at risk. In security this is called Least Privilege. The decoupling principle applies that idea to cloud services by making sure systems know as little as possible while doing their jobs. It states that we gain security and privacy by separating private data that today is unnecessarily concentrated.
By ensuring interoperability of data across systems, Solid allows organizations to distribute each type of data to the provider that best serves its particular purpose – operationalizing the “Least Privilege” idea without losing the efficiency gains of cloud offerings.
Rethinking Resilience: Why Now?
The conversation around cloud outages typically focuses on redundancy, failover systems, and disaster recovery—important, but insufficient. These strategies accept centralization as inevitable and try to work around its inherent gaps.
True resilience requires rethinking architecture from first principles. It means asking: where does data actually need to live? Who needs to control it? What happens when—not if—critical dependencies fail?
Organizations committed to operational resilience in the age of AI are increasingly recognizing that the key is building interoperable, integrity-first systems that can withstand the inevitable failures of centralized platforms.
When data is stored with the customer, distributed across architectures, and cryptographically verified at the protocol level, you create systems that don't have single points of failure. You build independence from the cascading consequences of someone else's DNS configuration.
Because when giants stumble, an interoperable architecture keeps you standing.
Want to learn how Inrupt's Solid-based technology can future-proof your organization's digital infrastructure? Get in touch with our team today.
