Larry Ellison Keynote on Oracle's Vision and Strategy: Oracle CloudWorld 2024
[Music] 1 2 [Music] [Music] facility [Music] [Music] [Music] please welcome to the stage Larry Ellison [Music] hi everybody I actually have two two topics today and the first topic is uh the multicloud era the beginning of the multicloud era you know before this was called Cloud world it was called Oracle open world and we called it open because the Oracle database ran on all sorts of computers it ran on IBM's main frames and on huid Packard computers and and on PCS and and actually for years for decades we had run run on different on different kinds of computers different operating systems we coexisted with with different applications lots of applications from different vendors ran on Oracle and it was the whole idea that customers had a of choices TR customers could choose computers could choose operating systems databases applications and mix and match those but when we moved into the very exciting world of cloud that offered a lot of tremendous benefits it seems like we lost one thing we lost the idea that customers could buy technology from many different different companies and those Technologies work gracefully together and that and we call that you know if you will the era of open systems now as we're well into the cloud era we're entering a new phase where services on different clouds work gracefully together the clouds are becoming open they're no longer walled Gardens but customers will have choices and can get and can use multiple clouds together so that's my first topic my second topic is people are talking about AI constantly I want to focus on ai's imp with the implication of AI and what it means for security uh we're actually in a very interesting time when it comes to security whether it's on premise systems or Cloud systems um there's more ransomware there are more ransoms being paid this year than the year before uh clever cyber criminals are invading your networks your computers blocking you away from your data unless you pay them a ransom in Bitcoin and it's worse this year than La last year worse last year than the year before so if we're going to do a really good job of defending our networks defending our computer systems and stopping Data Theft preventing identity theft all of those things we used need to exploit the most Advanced Technologies to defend ourselves and those Advanced Technologies are artificial intelligence and I'm going to talk about how Oracle is using AI to build if you will cyber defense robots autonomous systems to defend against identity theft someone logging on infiltrating your system who shouldn't um someone stealing your data and reselling credit card numbers and all of that we can use AI we are using AI to prevent that from happening okay let me start with the open multicloud era begins and simple fact our customers the PE all of you out there use multiple clouds uh there's there are four very very large infrastructure companies that's that that have big clouds AWS Microsoft isure Google and Oracle that's an alphabetical order by the way uh by the way the second one the application clouds are also in alphabetical order now notice the dot dot dot after workday there are lots of different application clouds and and four large scale Global uh infrastructure infrastructure companies and customers typically use one or two or even three uh different infrastructure clouds they might use many applications uh service now I can I can go on and on that they could use many many different many different clouds but today those clouds really don't work well together it's not really they're not gracefully integrated good example some customers may want to move their Oracle exadata databases and the applications that go with them from on premise into AWS customers some of our customers definitely want to do that in other words they'd like to use the Oracle exadata database cloud service inside of AWS they would like to move the application intact use the Oracle database but have the application and the database running an AWS well multicloud interconnect taking a network and connecting the Oracle Cloud to AWS would make that possible you could do that we can interconnect the clouds and in some cases we have interconnected the clouds but an interconnect alone is not optimal it's not the ideal solution if you want to you know connecting the Oracle Cloud to AWS doesn't automatically mean it's easy to connect an application running in AWS to a database running let's say in the Oracle Cloud uh they could be quite far away from each other so there could be a latency problem performance latency problem the the fact that you have to hook up the there's no real graceful way to hook up the the the AWS applications uh you can't go to the AWS console and just hook up an application running an a AWS to the oracal excitated database so it's not easy to do it's not necessarily the fast to run it's doable but it's suboptimal a much better approach would be if we actually embedded an oracle cloud data center right inside of AWS in other words we took the exadata cluster Hardware our RDMA Network all all of the latest Oracle database software and actually took that data center that oci data center and embedded it right into an AWS Data Center that would give us much much much better performance higher bandwidth lower latency you we'd set it up so it' be very easy to provision the Oracle database from the AWS console so you never had to Really Leave the a let's see I'm I'm going to do this okay much better all right everyone's comfortable now great all right so we want to make it E really easy to use so usually if you're an adws customer and you're familiar with the AWS console just go in there you provision your application servers uh you you provision whatever you need including the Oracle database directly from the AWS console so it's completely transparent and when you're using the Oracle database in AWS it has all the latest and the best features it's because it's an data cluster uh it's fully fall tolerant if a couple of CPUs should break it makes no difference the application continues to run if uh you start out by using 12 you you provision 12 CPUs and your for your database and the data the database is running a lar very large query it can automatically go out and dynamically expand and get more more processors to run that big complex query get it out of the pool of of of processors exit data uh you get a big burst in performance when you're through running that complex query you return those processors to the pool so it gets all of our latest technology right inside of AWS and it seemed like such a good idea uh we worked with a AWS to do just that take the oci database the oci data center the database the our cluster Hardware our RDMA Network and put it all at AWS that's our latest and best stuff exad dat cluster hardware version 23 AI of our database uh we and that's going to be available in December of 2024 so a few months from now and soon and and thereafter we'll also have an autonomous and XIs scale so we're very excited about it and I'm you know and I'd like to invite mat Garmin the CEO of AWS to come out here and join me and we'll talk about why we did it and why we're very excited about uh the future of working together in this new open multicloud era Matt [Music] [Applause] what's going great to see you uh thank you for having me so we're so excited about actually you working together with AWS years years and years ago we had a very wonderful relationship uh with Amazon and we have lots of customers in common uh I think we both listen to We both listen to those customers yeah um some of them certainly asked me over and over again when are we be able to use the Oracle database inside of AWS yeah and now we can tell them that will be December in 2024 yeah it's uh it's something we're super excited about as well um we have uh as you mentioned there's there's a a wide variety of customers who choose to run an AWS it's the the most popular Cloud out there and they love the security of AWS they love the scalability of AWS and they want to run some of their most Mission critical workloads they already run them on Oracle and they were having a TR trouble figuring out how do I pick a or b and and they said I want to pick a and b and they really wanted to run all of those Mission critical workloads inside of AWS where their applications are but they need low latency to their database and that's uh what we're super excited about rolling out and uh and many customers um uh have talked about already of excited about what they're doing there we'll take an example of of somebody like a Best Buy who runs many of their systems inside of AWS they have uh recommendations for their customers and and uh and lots of interesting e-commerce applications and they run their core workload database workloads on Oracle and and uh they were trying to figure out how do I get my rack workloads together to work in a low latency way with all their applications this is a great solution for them yeah I know I mean custo giving customers choices has always been always been good for our business yes and I and you give your customers lots and lots of choices in AWS uh and I think it's going to work out well for us and well for all all the people here today yeah what what I found is that when we listen to customers and we and we really listen to what they're looking for that's when we deliver an outstanding product and I think one of the cool things that we haven't talked about yet too which is just this integration is it's part of moving the the ex dat actual hardware and and the and Oracle rack capabilities um inside of the AWS data center but it's not it doesn't even stop there we actually and and the teams did a great collaboration here when they listen to customers they want it to feel like a native AWS service that's running there and so there's lot lots of Integrations where when you take backups of your Oracle database it actually saves it in the customer S3 bucket so that they have access to that into their AWS account there's native Integrations in in zero ETL where customers want to take the data that's inside of their Oracle database pull it into something like sagemaker to do ML and analytics and uh and then push some of that data back into the the the system of record where they're running in the oracal database all of that is enabled natively uh as you run here and you can even purchase it through the AWS Marketplace so it all comes to you on your AWS Bill all three of the AWS console so I think customers are going to really love that native feeling integration where it kind of feels and works really well together yeah no I agree with you Don that's what the customers have been asking for and uh we decided that there will be no price distinction in since uh the same the Oracle database on AWS is same price as the Oracle database on oci yep same price same performance same everything same price same performance same features same functions uh all all all exactly the same uh you can get support both from AWS and from Oracle yep uh and I again we we think this dramatically expands the market it's what customers have asked for for a very long time yeah uh my friend uh I'll name Jamie Diamond uh has got huge commitments uh JP Morgan Chase huge commitments uh to uh AWS and he was every time he's he saw me he asked me when you know when are we going to have it at AWS and now I finally have a have an answer thank you thank you Matt yeah it's awesome and and it's it's you know there's there's actually already a pretty impressive list of Enterprises that are really excited about this folks from vone were were frustrated about having their environment actually fractured across multiple different places and they're super excited about bringing these things together here the folks in uh at Exxon Mobile where they run highly regulated workloads and they run those in AWS because they love the security and scalability but they also run them on oracal database and customers are just super excited about being able to bring these together it also speeds that migration you know a lot of customers are wanting to move to the cloud and the more we can make it easy for them to use the components and the the applications that they love and that they they use as part of their um their operating environment and make it easy to migrate those without having to change those out the faster many of these customers can go on that modernization journey and get out of their own data centers where um and they can focus on on um on really modernizing that entire stack exactly and when we released 23 AI or and and the successor 23i the Oracle cloud and the AWS cloud with uh the Oracle database services so we think that's what customers want and we're thrilled uh that this is working out and and how quickly uh you guys are responding to get this thing live before the end of the year yeah so we'll be uh we'll be out in preview at the end of this year in in one availability zone or in one region and then we'll be quickly launching to other regions as we get as we hear demand from others where people are looking at it so um please let us know if there's other regions around where you all operate in that uh that we can roll this out to actually we got someone here who can tell you what regions he wants awesome we've got uh we we have a customer that's going to join us on stage Andy zitney uh the chief technology officer of State treat will come out and join us and and uh and I'm sure he'll have some questions [Music] thanks for all right see you I'm happy to take my coat off comfortable it's it's okay I feel overdressed ah okay so uh Andy uh tell us I know we've had a chance to speak a little bit and you're pretty excited about taking advantage of of this new capability at a AWS yeah I was uh listening back stage I think I'm actually State Street's more excited than you two um on the relationship um that's what we like to hear and you hit all the same to talking points right we're we're a huge ex data user um and we're a huge partner with AWS and we ran into the complexity of all the data running on exod data and we were starting down the Journey of um starting to integrate the clouds and this comes right at the perfect time to expedite that uh make it easier for us um and help our digital transformation Andel accelerate it I think the rest of the industry is out there waiting on it too um so I think it's going to be a very exciting announcement and it's going to help others not just State Street yeah how do you think about I'm curious as you think about what you all are doing with regards to Ai and data and things like that is do you view this as something that helps that as you move that to the cloud and increase your kind of modernization Journey there and take advantage some of those new technologies you know data has gravity a ton of gravity so trying to separate those two from your applic up in AWS and the cloud the latency became concerns right this gives us the ability now to move that keep it clean put the data where we need it and want it um on a trusted platform that's secure safe uh being a regulatory regulated environment we we require um a lot of things that um non-regulated uh environments would not so we had to have trusted Partners um I call it the partner or partner ecosystem and seeing two strong partners like Oracle and AWS come together delivers a platform at ease of use and gives us the ability now to innovate as opposed to spending all the time integrating we can spend time innovating because you did the integration for us that's awesome thank and yeah we're we're excited to help you on that journey and I know we're both we're both uh uh super interested in in seeing what you can how your business can accelerate and how you can innovate faster once you get that data up into the cloud yeah perfectly helps us like I say it's the acceleration of our dig digital transformation you guys are doing what I'll say is the hard work now we get to do the fun work have you uh Andy have you thought about locations I mean with the first place we're opening up is in V Virginia you know different companies have commitments in at different data centers well uh you know Matt mentioned uh you know they're going to be opening a number number other data centers after once Virginia is opened what here's your chance to vote and try to get the um yeah we're going to need it globally right and we we need it not only um East Coast West Coast Center Central of the us we need it globally we operate in about 50 countries right um and the the key part of this is getting the data close to where the user has the best experience so it's really about the business y so you have to give us that capability to deliver both the data and the application closer to the business user closer to the end user give them the mo the best experience we possibly can so the answer to that is yeah we need it everywhere um we're willing to partner and prioritize great and I I'm sure you can do development on a single a single data center I'm sure all of your uh all of your your operational systems have to be full tolerant and they have to run in multip multiple data centers available in multiple data centers do you do you tend to Cluster those around the East Coast separately from the West Coast or how do you operate um we we have a parody par data center model so we have parody and region and then we have an outer region recovery so that spreads us everywhere we're we're implementing that in all regions Asia Amia us so it does spread our footprint out a bit um so we do need the technology like I say I hate to use the word everywhere but we definitely need the services pretty much everywhere I got one last question about about how many different data centers AWS Data Centers do you think you will be in when you say when you say everywhere is is that a single country in Europe or are you going to be in multiple countries in Europe Asia what is what is that how many actual locations are we talking about yeah I think when we when we looked at our current footprint we're in about 40 three different locations whoa um we're hoping to scale that back down to a 30 number so it is different countries due to dat data restrictions right you can't move it out of country so we do require that so it will be in multiple countries you know we're thinking the number is going to be 30 to 40 at the end but again when it's when it's our data center that's a huge cost y it's your data center I'm only paying for what I use makes it much easier and now put an Oracle in that data center I don't need nonrem as much as I used to we operate in the cloud with a couple of trusted Partners yeah fantastic yeah well it looks like you and I have some work to do excellent I guess we've got some we've got some roll out plans we'll definitely uh we'll definitely get that prioritized list and get going on it yeah definitely looking forward to it okay we're looking forward to too great announcement cool thank you so much thank you Matt this is great thank you [Music] [Applause] [Music] so thank you both very much for being here okay once again the lower line is in alphabetical order you know uh again it used to be Oracle open world now it's Oracle Cloud world I think saffro probably will not agree that we should call it the open multicloud world uh well but or may or maybe that's okay we'll we'll find out uh but I do I do think this is a very different situation than we had only a few years ago where I think you'll see more and more the ability for customers to use different services from different clouds and gracefully mix them in in a single application and as as you heard from Andy uh you know large companies uh operate in in a lot of countries sometimes there are data sovereignty rules that have to be obeyed so this multicloud world is going to involved lots and lots of new data centers scattered all you know throughout the globe it really is very exciting as you know oracle has now reached the point where we have connected our Cloud uh to AWS uh we put oci data centers in AWS we put oci data centers in Google we put oci data centers in Microsoft we've interconnected to the three other major infrastructure providers in North America but of course they're not North American companies these are Global infrastructure providers the largest global infrastructure providers so again giving customers Choice has always seemed like a good idea uh customers seem to prefer having choices and it's it's always and Oracle historically has always provided choices for customers okay um so the the idea that that you know that we connected to all of these public infrastructure clouds oh that's interesting to read okay um we've talked about AWS Azure Google and Oracle maybe we didn't mention we also connect to fujit in Japan uh we we're building Data Centers inside of Fujitsu we're building Data Centers inside of NT and we've already built four data centers at NRI that's that's called nura research and they are an infrastructure provider the using the Oracle cloud and maybe the most interesting application they run um at in the Oracle cloud in Japan is they run the Tokyo Stock Exchange as far as I know it's the only Stock Exchange that runs their entire business in the cloud so it's is is is really very interesting as we embed our data centers the oci data center and and the Oracle database and all a bunch of other Oracle Serv Services uh in in these different clouds where Fujitsu now can service their customers using or the Oracle database and the oci cloud so will MTT so will NRI so will another number of other Japanese companies uh the uh and it's not a one-way street it's not that it's just a matter of you're an AWS you can use the Oracle database um in our connection with Google if you're if you're a Google Cloud customer you can use the Oracle database uh if you're an oracle Cloud customer you can use a a Google Gemini from the Oracle Cloud so the interesting thing about this multicloud world is whichever Cloud you is if you will your primary Cloud you can reach out to other clouds infrastructure clouds and very soon application clouds and mix and match the applications in the Sur as you want another interesting thing about oci is we have private Cloud offerings in in addition to our public I've been talking about public clouds now uh up until now AWS Google uh Microsoft and Oracle all have public clouds but we're different in one important way and that is we also have private clouds private infrastructure clouds um in fact we have three flavors of that Enterprise uh Dr CC uh that's that's dedicated region clouded customer in other words let's say you're a big you're a big a big customer uh like like a Vodaphone uh and you would like to use the Oracle Cloud but you don't want any other tenants you don't want any other users in your version of the or your version of the Oracle Cloud yeah I like the Oracle Cloud build me six of them build me six data centers and and Vodaphone will be the only ones in that cloud we don't want anyone coming into our cloud with a credit card we don't want anyone coming into our Cloud that we don't know we want a private Cloud our private cloud is absolutely identical to our public clouds every service every feature uh is in our private clouds that are in our public clouds the uh so it's it's not an abbreviated cloud in any way they are absolutely identical uh and we have uh dedicated uh Cloud regions we have an alloy cloud and nowo NRI is an example uh they have four four four dead clouds four private clouds and they provide services as I mentioned to the Tokyo Stock Exchange uh well they sell those Services they charge for those services so Ally is a way that Oracle gets Cloud business partners that will resell the Oracle cloud services to their dedicated customers NRI is a perfect example of an allly Cloud customer and then nation states uh companies uh countries excuse me not companies countries that are very concerned that their data remains Sovereign they want their data in their country certainly all the government data Maybe all the healthc Care data they want kept in their country and uh so we can build those countries Sovereign clouds again it's a it's a private Cloud uh and but the Sovereign Cloud be would be located in this case an example would be Serbia but Thailand there are many other there are many examples we built these uh these Sovereign clouds where they can keep all their government applications in a dedicated private Cloud where it's only government applications they keep all their healthc care data in their country we can do all of that we're building not only public clouds and expanding our public Cloud but we're building dedicated private clouds for some of our most important customers and it gives you more security because the uh it's a private data center there's nobody there it's a private Network it's behind your firewall and there are no tenants in that cloud that you don't approve uh so it's again one of the one of the things that off that Oracle offers that the other uh the other uh Cloud companies do not and we're uh we're seeing pretty good uptake on on on our private Cloud business Oracle at this stage has 162 public and private cloud data centers around the world actually more than that now because we're actually we've actually started on our first AWS cloud data Center and but we we have 162 public and private cloud data centers either already complet completed and running or under construction and many more on top of that planned so we expect uh to have a very large number of cloud data centers uh measuring in the hundreds probably measuring over a thousand in the not too distant future because a lot of our customers are telling us yes they want to move to the cloud but they don't want to move to the public Cloud just yet it might be a regulated bank and they have regulatory issues might be a country and they have Sovereign data issues anyway there are lots of issues our job is to provide customers with choices we have public we have a lot of public Cloud regions all over the world but we also can offer you a dedicated Cloud for your company uh or for your country the these clouds are all identical except for size uh we build the largest data centers in the world um the really huge data centers that we build uh are typically for our ai ai training customers like en Nvidia uh open AI chat GPT and and XIs grock which are currently being trained in large Oracle cloud data Cent cloud data centers but we actually well 800 megawatts is gigantic uh and we actually have data centers in planning that are over a gigawatt um our data centers also can currently can go down to 144 kilowatts so when we we can offer you a a private Cloud very very economically it will fit in your data center it is not ex and the costs are identical the cost for running the Oracle database in your priv in a private cloud is identical to the cost run running the Oracle database in a public Cloud uh you can run Fusion applications in a private Cloud HCM CX you can um you uh you can keep your Cerner Health Data uh in Serbia entirely in your Sovereign Cloud so all your health data is is in your country there are lots of uses of these private clouds and we see an increasing popularity amongst our industrial uh uh uh cust customer companies uh um from from different countries from telecommunications companies from regulated Industries like Financial Services all of them very interested in private Cloud okay now I'm going to change subjects and I'm going to talk about Cloud security more specifically I'm going to talk about how we can use we as an industry can use AI I we Oracle the company can use AI to dramatically improve Cloud security I mean improve it by a factor of 10 or a factor of a 100 do things that everyone wants us to do like get rid of passwords passwords are a terrible idea passwords that are 17 characters long including special characters that no one can ever remember and has to write down are unbelievably easy to steal uh the Cyber Wars are getting worse not better we've got to find better ways to authenticate people than asking them to type in a password okay there are four pillars we look at four pillars of security at Oracle uh one uh is data security uh make sure under no circumstance can people steal look at your data steal your data or lock you out and away from your own data I mean that we have to absolutely have absolute data security and Oracle everyone knows oracle's first customer was the Central Intelligence Agency and um they take the data security very seriously over there uh and we've taken data security uh very seriously since we started the company and I think we're pretty good at keeping your your data safe but I'm going to talk about more things that we are doing uh to keep your data safe the next is the next is application security uh as Oracle writes a lot of applications um we uh WR write we wrote The Net Suite we WR wrote Oracle Erp Oracle HCM Oracle C Fusion CX all of all of those all of those applications how do we write those applications in a way that they're more secure than they are now do we just do a better job of training our our programmers do we make sure we audit all the code to make sure there are no security vulnerabilities what do we do uh next thing is use your identity I said passwords got to get rid of them and then finally network security how do we make sure that um a bunch of credit card a bunch of credit card data isn't flowing from one of our databases onto the Internet it's not being data is not being exfiltrated how do we continuously monitor our Network to make sure no data is Flowing from a from point A to point B where point a and point B aren't pre-authorized by your security system uh the you know what we summarize what we need need a set of cyber robots defense robots to stop these attacks data security how do we how do we keep your data safe very simply using autonomous systems autonomous fully automated fully self-driving systems just like self-driving cars uh self-driving cars are much safer than human driving cars the robot isn't going to go 130 miles an hour on the freeway the robot is not going to have a few drinks after dinner and get in the car we can save lots of lives with autonomous autonomous driving cars uh we can do a better job of protecting our data if the database system that is managing that data is fully autonomous and this is something that Oracle has been working on for a very long time and we think we're quite good at almost all cyber attacks begin the same way with human error uh the Oracle autonomous database um has a robot DBA uh the robot DBA automates everything there is there's human beings don't configure the database there's a famous story of a large Bank uh running running a big application in a in a cloud uh lost all of their credit card data uh and it came out that the that the bank's programmers made a mistake configuring the system configuring the database and they left it vulnerable to the public internet and literally every single credit card user lost their their credit card data that cannot happen with the Oracle autonomous database because human beings do not configure the system robots configure the system it is fully self-driving it configures itself uh it it decid it encrypts everything it backs itself up if you're if you have to recover from a backup it does that fully automatically there are no human beings involved in backup there's no human beings involved in recovery uh a new version of Oracle comes out it's it auto your your the software automatically gets updated there's a security patch that's available it automatically patches itself you need more capacity uh well because we use cluster the database runs on clusters exit dat clusters and exis scale the next generation of exit dat called exis scale runs on exis scale clusters if you need more processors we just get them from the pool but it's done automatically human beings don't do that um if the system break if a bunch of processors go down uh the system keeps running uh who keeps it running uh it does that automatically there are no human beings involved it is um if the data center catches fire and burns to the ground your application is running in a separate data center without missing a beat no human beings involved in the recovery whatsoever no human labor no human error but you have to be willing to pay less to use autonomous systems it's really interesting uh that it is the most economical way to do things and the safest way to do things um this is so important to Oracle we have decided that all of our applications have to be moved to the Oracle autonomous database because it is so much more secure but than a database where you have dbas configuring the system dbas backing up the system recovering recovering the system so uh already a lot of a lot of our stuff runs on uh autonomous uh our the new cner health stuff that called New Millennium uh that all runs on the autonomous database uh we're building uh Next Generation Fusion sales and fusion marketing I shouldn't say it's next Generation new products and Fusion sales and fusion marketing we're not obsoleting anything from Fusion there's no but there the the new updated versions of fusion sales and marketing are run on the autonomous database almost all the industry applications run on the autonomous database it's more secure it's much more reliable it's much less expensive to use um and by the by 2025 we will have moved all of our applications to the autonomous database we will be off the older databases everything must be autonomous not to save money but to keep the data safer do no human labor no human error so that's the first thing the first thing we do for security using AI to build autonomous systems and get get rid of human errors that allow people to steal your data the uh another thing that runs on the autonomous database is the Oracle Cloud there are lots of things in the or in the Oracle Cloud we keep track of your configurations we keep track of user authentications and all of those things all of the databases that run the Oracle Cloud must be autonomous we can't put have our our Cloud at risk it's got to be autonomous and right now the Oracle Cloud almost every database in the Oracle cloud is autonomous I think there might be a couple of exceptions but pretty much all that's been migrated uh to autonomous the um it allows oci it makes makes oci faster and much more reliable and requires much less human labor it allows us um all of our data the idea is all of our data centers need to be automated all of our n centers need to be fully automated if we're going to provide you with the economies uh of of a a a lowcost high performance uh Cloud uh we have to be able to keep it secure and minimize labor okay next next pillar of security using AI again people talk a lot lot about code generation everyone's very excited that chat GPT can write Java it can um uh it can like it can write it can write python uh it it can write JavaScript uh it can write a whole bunch of things um it's very interesting uh some code generation you use a large language model to generate a traditional familiar language like Java but you also can build code generators specifically to generate applications not where where in when you use a large language model to generate applications you translate English into Java and some people think that might not be the most efficient way to describe programs in the English language uh everyone knows the English language as as everyone everyone in this room probably knows the English language uh but it might not be the most precise way to describe a computer program so we could we can have that debate both both system both types of code generation are useful where you invent a new language that's designed to be a code generator and it and it builds the application or you use English and you describe it in English and and you build the application from English well this is an area where Oracle has built a language called Apex and made in the last couple years since since the dawn of if you will the AI era we've made huge changes to Apex uh and it can now generate very sophisticated applications uh it uh and it when it generates the application it's very interesting and we by the way we're generating the majority of the new applications that we're quote writing we're really not writing we're generating using so we are both an infrastructure company and an application company and more and more of our applications are generated using Apex so what are some of the advantages of using Apex everyone says well we get 10x productivity versus hand programming in Java yeah we do we get huge productivity gains more important again more important is our security when when the the application generator generates the Cod code we don't generate security vulnerabilities we don't we don't generate security vulnerabilities a computer program is writing the code it will not make that mistake it will not leave you know generate a vulnerability you have to fix later on it will not create something called state in an application I'm not going to go into it but but there are State there are stateful applications and state list applications a stateless application if your data center burns down we can immediately fail over to a different data center they're very they're easy to recover but you have to make sure you write the program properly and it has to be stateless to make it fully recoverable so not only are the generated applications uh more secure because we don't generate security vulnerabilities they're more reliable because if a power line should be cut to your data center for whatever reason and the you lose power you can immediately fail over to a different computer in that data center or in a different data center because the application was generated and it was generated to be fully recover a stateless fully recoverable application so the generators uh we generate more secure more scalable stateless recoverable applications and we get a 10 times productivity gain to go along with it uh a Apex is the majority again the vast majority of new applications that are being started today are being written in a code generator not a traditional programming language because we're it's you're more productive and you're more secure okay third pillar of using AI to make your systems more secure is use your identity this one I think is uh in some ways the most obvious uh and um I think I think everyone's going to be very excited about it but it's really interesting when you log on a computer uh why do you type in a password my name is is larry. Ellison oracle.com that's who I am in cyberspace I'm larry. Ellison oracle.com now why do you want me to type in a password when I you know when I see someone I when I see saffa she doesn't ask me for my password and she recognizes me I'm hi Larry you know what's wrong with a a computer can't do that of course a computer can do that uh a computer can look at the camera can look at you a c if you put your index finger on the return key a a a camera can recognize you from your your index finger fingerprint it can it can recognize your face it can recognize your voice why do you want a password what is the purpose of this thing people can't imitate my my in my fingerprint they can't imitate my face they can't do any they can't that's very hard to do um so type in who you are and will automatically authenticate you uh from a um a biometric database in the cloud that simple we recognize we know who you are we recognize you you you walk in and um and you you people were in the audience probably saying why do I have to type in Larry dois and oracle.com why can't you just recognize me uh if we can do that too proba don't even to type type that in either but the idea uh that we use passwords is a ridiculous idea it's obsolete it's very dangerous passwords are collected you know we now that we've made passwords very hard to remember you know what people do when your password is dollar signore back slash capital Z small Z capital V 1 26 what one of those things everyone writes those down and then they use the same password the same exact password in every single um log on they every every e-commerce log on they have they reuse the their same password over and over again um this and and then those passwords get stolen and resold on the dark web Etc biometric logins are much easier to use and much more much faster and much more secure the uh it takes a couple minutes to register yourself biometrically in a biometric database you you uh you point your smartphone to your face for a couple of seconds you put your fingerprint on your on on the smartphone you can record your voice if you want to uh and we registered it in uh in a uh biometric datab the login database in a couple couple of minutes by the way a year from now a year from now you won't be able to log into Oracle people who work at Oracle will not be able to log into the systems using passwords they are just not secure therefore that option is going to be gone inside of Oracle not everyone needs to do this it's 100% voluntary but it is much much more secure uh and there are lots of applications for biometric authentication um I know I've had to cancel credit cards and other people steal my credit card number people walk in the stores impersonate me all of this stuff they cancel my credit card but identity theft is very common well we can have biometrically authenticated credit cards same exact system um and people seem to like biometrically authenticated uh credit cards apple pays an example Google get Bay is an example um but we think rather than keeping keeping the authentication in your smartphone you have to have the your smartphone with you all the time though AUD will carry it all the time it's it's actually better and more secure and safer uh to keep it in a bio in a biometric database and we can authenticate all the by there about 22,000 credit card transactions per second in the world well we can very easily authenticate them with no within subsec response time authentic authenticate people at a rate of 22,000 per second or much higher that is not really a problem we can do that well what about it's got to be up seven days a week 24 hours a day can never go down well that's how we built the Oracle database it is um because what runs on cluster Hardware we are fully fall tolerant we don't ever have to go down we we live patch the database typ typically we don't go down so we can do this we can make it so much easier we can we can deliver absolutely uh fraud prooof credit cards that are biometrically authenticated um there are many other applications passport control I mean a lot of people come when you land at the airport and you and you you're on the speed line going through what do you think's happening you're getting biometrically authenticated uh camera is looking at your picture and saying okay you are you are Larry Elis and you just walk through uh but what about schools how do we make sure there's no one on capus that is not authorized to be there we can use Biometrics to make sure that there's no one entering this school building that shouldn't be entering this school building there no one there's no one driving into the parking lot who's not allowed to drive drive into the parking lot we look at you use license PL readers and facial recognition uh pick up prescriptions uh but also but there a variety of other things uh there was massive fraud uh during covid-19 people getting government entitlements uh for for covid-19 we can well because they they pretended to be 30 different people and collected 30 times more than they were supposed to we can stop all of that that's actually fairly easy to stop with biometric authentication it's becomes very difficult to impersonate somebody else if you have proper user authentication okay last one the fourth pillar which is network security and for network security um a a dear friend of mine uh by the name of an Danny Hillis uh same guy who invented thinking machines when he was an undergraduate in MIT came to Oracle with the this idea called zipper which is a Next Generation network security technology and uh we worked with Danny and um we actually ended up buying a bunch of his company uh and we took the ideas Danny's ideas and we implemented a new generation a new generation of network security and it is uh it solves an incredibly important problem network security if any if anyone in the audience here is in charge with securing the network either on premise or in a cloud this is an astoundingly complicated problem it's very complicated problem because when you configure a network there are two competing goals one is you want to make it very high performance very reliable lots of Pathways a lot of bandwidth you got to make it very fast everyone wants their their Network to be fast and reliable and then they say oh but by the way while you're making it fast and reliable I also want you to make sure that no one no one's on the network moving data from point A to P point B where that is not allowed I'm going to give you this one set of tools uh for you to configure the network but make sure two things are true it's fast and it's secure all right when you do that and let's say you're trying to make improve the performance of your network you add ports or add Roots if you're not careful as you add ports and and add uh roots and subnets and things like that you could Auto you could accidentally be creating these security vulnerabilities if happens all the time it's why it's so difficult to get someone to change their network configuration because there are so many security audits required before you change your network configuration and you get these unbelievably complicated pictures I mean you've got you know over on the left you've got the public Internet it's going through an internet gateway it's going to a load balancer a couple of load balancers from balancers to application servers from application servers to database servers from database servers through a cloud services Gateway uh incredibly complicated picture uh the you you try to configure the network with these separate zones these safe areas called subnets uh and it's very very difficult to do uh the the slightest mistake the slightest mistake it can expose your data to the public internet expose your data to hackers so the solution to the problem is you really have to separate network security from network configuration network configuration don't worry about two things worry about one thing worry about making it fast and reliable then let's build an all new system that's responsible for network security and that all new that all new system will authorize certain paths through the network for certain users to use certain Services look at certain data and only authorized paths are are owed and no other paths will be allowed it's a it's a brand new network security system that is separate from network configuration rather than blended with network configuration uh the and and once again we're going to use code generation we're not going to have you write the code we're going to have you simply D you know specify the intent of of how how zipper works and to enforce zipper we have a code generator to enforce zipper what we actually do is we look at we have computers in our Cloud that will look at every single packet that goes goes through the network and make sure it's an authorized it's an authorized Journey from point A to point B and that means we're literally we got these robots these robots inspecting packets in our Network billions of packets are being inspected every second um simple example uh so the code generator is okay how do you authorize a path how do you authorize a data path you simply uh you simply say I'm having trouble okay there we go that this is saying allow the accounting the accounting application to connect to the database the accounting database it says okay you got a computer that is running the accounting applications and it's allowed to uh talk to the the accounting database it might be the only application that's allowed to to talk to the accounting database and it's an e and it's an easy to read English Okay so let's say we we move or we add we move uh the DAT the database from one location to another we even expose it to the public internet well the only thing that can access that database according to zipper is the accounting application I don't care where it is you can move it wherever you want to you will not be exposed by changing the configuration you will not be exposing your data that's a very big deal the system robotic will automatically adapt you can change your configuration you can add ports you can do all sorts of things and zipper will automatically regenerate new robots uh to make sure that your data is still protected and you suddenly get a much simpler you get a much simpler network configuration there are none of these subnets uh you you you don't have to worry about security when you're computer network you just worry about performance and REI and reliability and to protect this network the entire thing the entire if you will security program are those four lines sitting in front of you and all all of your security for your network is in one place it's unified it's all stored in one place in one database in the zipper language and the zipper language then generates these robots the configuration changes it knows the configuration has changed it updates those robots immediately before the network is then available to use okay so we were able to implement zipper in oci because oci has a very different network than any other Cloud company OC has this thing we call it it's a Gen 2 cloud with this thing called the genu network I'm going to use a few acronyms um our our Network architecture has different hardware and different software than any of the other clouds we have a a network called Rocky that's an R RDMA over uh converged ethernet okay what is that unbelievably fast version of ethernet with this thing called RDMA which allows one computer to look into the memory of another computer it's connected to without going through the operating system it's like a very fast path that the computers can look at each other's memory if they're authorized to do that so it's a super fast Network many times faster than TP than typical networks uh we also have Network processors uh that that that virtual so when when we do that isolate us isolate our computers our Network the Oracle Cloud network is isolated from the public internet where not part of the is isolated from the internet period because we do all of our Network routing in our own computers our in our own network processors and inside of our own Hardware uh we we we do that virtualization we have that additional Hardware in our computers in our Cloud that does all of the network routing and does all of the network security and then we have Network controllers if you will that just um manage the network problem processors so when Danny came along with his idea for zipper it fit perfectly into Oracle Gen 2 Network architecture so after a few discussions and aot you know uh we decided this is an ideal approach for the Oracle Cloud uh because we can do the packet inspection you we have all of these Network processors that can run the packet inspecting robots and run them very fast easily do billions per second not a problem because we've because our net we have this smart network uh with with these process separate processors separate memory that can do all of this package inspection and make sure that only authorized Roots only roots that you authorize when in the in the zipper language uh will will will propagate to make sure no one can exfiltrate no one can take take credit card data or social security card data and move it from point A to point B because it's not authorized so you combine biometric identity getting rid of passwords and using Biometrics with this new generation uh this of of zipper this code generator and these autonomous robots that do packet inspection in the network and you stop most serious cyber attacks you it's almost impossible for users to Infiltrate The System if you're protecting yourself using biometric authentication and it's pretty much impossible to move move data out of the system across an unauthorized route if if it's not authorized explicitly by you you have to say you have to explicitly say it's okay to move data from point A to point B if you don't say that the packet inspection the packet robots the zipper robots won't let the data move and that's the vast majority of Cyber attack that we can block using the combination of zipper uh and biometric authentication it's available it's available in the Oracle Cloud as of today we have implemented version one of zipper in the Oracle Cloud today by this time next year Oracle employees won't be using passwords and a lot of you will have the choice to not use passwords anymore but instead to use some use biometric identity zipper running biometric identity code generation from zipper code generation from Apex autonomous database running on autonomous Linux all of these AI Technologies all of these AI Technologies give us a chance to win the Cyber Wars and if you're worried about cyber criminals and you think they pose a threat wait till you look at the capabilities of nation states who can shut down utilities entire utilities uh uh in in an unfriendly moment so we need we need to make sure that our digital systems our digital infrastructure is much more secure than it is today and we have the technology to do it thank you very much [Applause] the [Music]
2024-09-14 12:23
