2_23

advertisement
SECURING THE CLOUDS
Presented By:
Dr. Mohammed Imtiaz Ahmed
Librarian, Pt. Ravi Shankar Shukla University
Raipur (C.G), 492010
Mohammed Bakhtawar Ahmed
Columbia Institute of Engineering & Technology
Raipur (C.G), 492001
Debojit Das
Columbia Institute of Engineering & Technology
Raipur (C.G), 492001
CLOUD SECURITY FUNDAMENTALS
Security is a prime concern when entrusting organizations
critical information to geographically dispread platform not
under the direct control of the organization. Three factors that
support information assurance are confidentiality, integrity and
availability.
THE TWO THREATS
INSIDER THREAT:- unauthorized access by authorized
person.
OUTSIDER THREAT:- Unauthorized access by unauthorized
person.
EXAMPLE
Two good examples of commercial secure storage services
which encrypt data client-side before transmitting it
outside the user's machine (reasonably considered trusted)
are:
Spideroak
GoldKey
To reduce the time required for encryption & decryption, a
promising project released under GNU License named
Tahoe aims to provide components to build a distributed
secure storage system. Besides the encryption mechanism, it
also implements an algorithm that splits data in n chunks
storing them on different nodes. At retrieval time only m<n
nodes are needed to rebuild the original data.
SEARCHABLE
ENCRYPTION
Searchable encryption is a broad concept that deals with searches
in encrypted data. The goal is to outsource encrypted data and be
able to conditionally retrieve or query data without having to
decrypt all the data. It makes use of symmetric encryption and
provides:
Controlled searching
Hidden queries
These two properties guarantee that the server is not able to learn
anything more about the plaintext than the search result.
Another approach for searchable encryption is to use
asymmetric encryption. The first scheme for searchable
encryption that makes use of public key cryptography is
the Public-Key Encryption with keyword Search (PEKS)
scheme.
CONCLUSION
We have viewed in this presentation, the recent advances
in crypto that we foresee will add a new layer of security
to network and boost its adoption. As we have discussed
in the presentation, most cryptographic primitives are
ready to be used. We only need to convince the network
based service Providers to implement them or produce
efficient implementations that could ease its inclusion in
open source network platforms.
Any Questions Please?
Comments!
THANK YOU
Download