SECURING THE CLOUDS Presented By: Dr. Mohammed Imtiaz Ahmed Librarian, Pt. Ravi Shankar Shukla University Raipur (C.G), 492010 Mohammed Bakhtawar Ahmed Columbia Institute of Engineering & Technology Raipur (C.G), 492001 Debojit Das Columbia Institute of Engineering & Technology Raipur (C.G), 492001 CLOUD SECURITY FUNDAMENTALS Security is a prime concern when entrusting organizations critical information to geographically dispread platform not under the direct control of the organization. Three factors that support information assurance are confidentiality, integrity and availability. THE TWO THREATS INSIDER THREAT:- unauthorized access by authorized person. OUTSIDER THREAT:- Unauthorized access by unauthorized person. EXAMPLE Two good examples of commercial secure storage services which encrypt data client-side before transmitting it outside the user's machine (reasonably considered trusted) are: Spideroak GoldKey To reduce the time required for encryption & decryption, a promising project released under GNU License named Tahoe aims to provide components to build a distributed secure storage system. Besides the encryption mechanism, it also implements an algorithm that splits data in n chunks storing them on different nodes. At retrieval time only m<n nodes are needed to rebuild the original data. SEARCHABLE ENCRYPTION Searchable encryption is a broad concept that deals with searches in encrypted data. The goal is to outsource encrypted data and be able to conditionally retrieve or query data without having to decrypt all the data. It makes use of symmetric encryption and provides: Controlled searching Hidden queries These two properties guarantee that the server is not able to learn anything more about the plaintext than the search result. Another approach for searchable encryption is to use asymmetric encryption. The first scheme for searchable encryption that makes use of public key cryptography is the Public-Key Encryption with keyword Search (PEKS) scheme. CONCLUSION We have viewed in this presentation, the recent advances in crypto that we foresee will add a new layer of security to network and boost its adoption. As we have discussed in the presentation, most cryptographic primitives are ready to be used. We only need to convince the network based service Providers to implement them or produce efficient implementations that could ease its inclusion in open source network platforms. Any Questions Please? Comments! THANK YOU