Samuel Borthwick, profile picture
Uploaded bySamuel Borthwick
132 views

Exploring Cloud Encryption

The document discusses the importance of cloud encryption methodologies in securing data within cloud computing, including a review of various encryption techniques such as symmetric, asymmetric, and homomorphic encryption. It highlights the challenges organizations face regarding data security due to cyber threats and emphasizes the need for effective key management practices. Additionally, the paper suggests that the future of cloud encryption may lie in advancing homomorphic encryption to allow data processing while keeping information encrypted.

Embed presentation

Download to read offline
CLOUD ENCRYPTION METHODOLOGY 1 Exploring the Cloud Encryption: The Past and the Future Samuel A. Borthwick CIT 516000: Database Security and Auditing Dr. Xiao Luo November 18, 2020
CLOUD ENCRYPTION METHODOLOGY 2 Abstract Cloud computing is becoming increasingly more common as a way for organizations to work due to virtualization. Securing data over cloud is still a barrier many parties face when deciding whether to adopt cloud. Encryption is a major component of security when working with cloud databases. This research analysis will go over the various encryption methods and summarize the previous research in encryption that has been done to this point. The advantages of Symmetric and Asymmetric Encryption will be discussed in terms of security and efficiency. As encryption becomes more advanced, so the need for proper key management increases as well. This paper will conclude with a look at what could be the future of cloud encryption, Homomorphic Encryption. Exploring the Cloud Encryption: The Past and the Future The emergence of Cloud computing has changed the way businesses have set up their IT infrastructure. Salesforce’s article, 12 Benefits of Cloud Computing, references a study done by the International Data Group that states “69% of businesses are already using cloud technology in one capacity or another, and 18% say they plan to implement cloud-computing solutions at some point” (12 Benefits of Cloud Computing, 2020). The benefits of using cloud computing are tremendous and companies are starting to realize how vital it will be for their future. Cloud computing, like that of web-based email, allows users to access all their files and applications without having to keep the physical data on their own computers. The flexibility to not have an established network infrastructure is not just a huge cost savings to companies, but it also serves as a way for a much faster implementation by leasing Cloud data storage. With the increased convenience of accessing data, comes an increased risk in security threats as well as complex cloud-specific threats that may be unrecognizable to conventional database administrators. If a business’s data can be accessed by its employees at any location, it is reasonable to predict that cybercriminals will likely attempt to take advantage of this increasingly popular system. The implications of a data leak from any company could have devastating consequences. The CEO and President of IBM, Ginni Rometty, stated that cybercrime, “Is the greatest threat to every profession, every industry, every company in the world” (Rometty, 2015). A key role in cloud security is the encryption and decryption of data in the cloud. This paper will provide a review of current cloud encryption research, analyze the various encryption methods that apply to cloud computing, and go over best practices. Literature Review A View About Cloud Data Security from Data Life Cycle This publication by Xiaojun Yu and Qiaoyan Wen details how data security has become the central problem of cloud computing (Yu, 2010). The authors make the argument that that
CLOUD ENCRYPTION METHODOLOGY 3 cloud data security should be solved from the data life cycle. The data life cycle model they refer to, as shown in Figure 1, includes 5 stages: create, store, Use and share, archive, and destruct. Figure 1. Data Life Cycle Model Internal threats are most likely to com from cloud service providers and users of the clous where external threats can come anywhere (Yu, 2010). As soon as data is generated, that is when risks are present. The adversary could do several things from data tampering to editing the access controls. Stored data presents the most risks, as this is when the data is the most vulnerable. Information has the potential to leak while creating a backup. Sharing data further poses a risk due to the means of transmitting the data. The archive stage is often safer due to the data not being used temporarily, but until data is completely destroyed in the destruct phase, threats still pose a risk. Yu’s premise is based off taking the following five steps when initiating the general data security process (Yu, 2010): 1. The user classifies data with sensitivity level as it is created. 2. The user then stored data into the cloud via contact with a cloud sever. The client should encrypt the data before sending it to the cloud server proxy or build a secure link in which the data is stored to the cloud. 3. Data that is not actively being used is archived. 4. When transmitting data, the cloud server proxy gives proof of data integrity to the client. If integrity of data is intact, key management is then initiated to start the transmission of data 5. When the data is no longer needed, the client sends a data destroy request to the cloud proxy who will then initiate the process of destroying data, followed by sending back proof to the client. This step to include key management between the client and cloud proxy, so that vital information is not deleted from internal or external threats. Cryptography in Cloud Computing: A Basic Approach to Ensure Security in Cloud Rishav Chatterjee is his research article, Cryptography in Cloud Computing: A Basic Approach to Ensure Security in Cloud, gives an overview of the benefits of cloud computing that make it so attractive to companies. Cloud computing requires no underlying infrastructure and follows a user-friendly model that only requires payment for storage used (Chatterjee, 2017).
CLOUD ENCRYPTION METHODOLOGY 4 Furthermore, it allows for virtualization of physical resources and wide accessibility that was not previously obtainable. According to Chatterjee, there are two unique groups of models: deployment models and service models. The deployment model consists of Private cloud, Public cloud, and a hybrid of both. Service models on the other hand consist of Iaas, Saas, and Paas. While the benefits of cloud are overwhelming, privacy and security remain a concern. Different types of service models under cloud computing offer different levels of security services. Iaas (Infrastructure as a Service) offers the minimum security, while Saas offers the highest level of security. This paper looks at the various algorithms in encryption including Symmetric, Asymmetric, and Hashing. and encryption techniques. Brief summaries of encryption techniques are provided for Advanced Encryption Standard, Blowfish Algorithm, Data Encryption Standard, and RSA Cryptosystem. The research article ends with discussing the most prominent problems facing cloud computing such as data theft, data integrity, loss of data, and location of data. Homomorphic Encryption for Data Security in Cloud Computing Traditional standard encryption methods provide security during data storage and data transmission (Chauthan, 2015). Encryption for data in the processing state has not been possible without first decryption. This poses a great security risk for cloud computing and has since been a barrier to organizations considering the transfer to cloud. The reason this is a concern is because data confidentiality must be forfeited for any operations (totals, averages, standard deviations) to be performed on the data. The author of this research paper, Kamal Chauhan, argues that the solution to this problem would be to perform operations on data that is currently encrypted on the cloud server. This type of encryption is referred to as Homomorphic Encryption. The homomorphic encryption technique allows the user to operate ciphertext directly. The user can decrypt the results of the cipher and see that it matches the same as if operations were carried out in plaintext. While this has the potential to change cloud security for the better, it still is developing and currently carries several obstacles. It is very inefficient in the amount of time it takes to complete operations. Furthermore, the amount of operations that can be done are very limited. More computing power is needed for this encryption to be rolled out on a massive scale. Data Security and Privacy in Cloud Storage using Hybrid Symmetric Encryption Algorithm Dr. Arockiam notes in this research paper, that while cloud computing is transformative in its ability to store massive amounts of data and centralize data warehouses, it does leave room for opportunistic cyber thieves (Arockiam, 2013). Many research problems are yet to be identified, giving leverage to criminal behavior as the rush to both harm and defend cloud databases intensifies. Dr. Arockiam identifies Symmetric encryption as best suited for handling large volumes of data efficiently in cloud storage. This paper also proposes an algorithm improving on classical encryption techniques by integrating substitution cipher and transposition cipher. Dr. Arockiam describes the algorithm:
CLOUD ENCRYPTION METHODOLOGY 5 “In the proposed algorithm, initially the plain text is converted into corresponding ASCII code value of each alphabet. In classical encryption technique, the key value ranges between 1 to 26 or key may be string (combination alphabets). But in proposed algorithm, key value range between 1 to 256. This algorithm is used to encrypt the data of the user in the clouds. Since the user has no control over the data after his session is logged out, the encryption key acts as the primary authentication for the user” (Arockiam, 2013). Data Security and Privacy Protection Issues in Cloud Computing This paper by Deyan Chen provides an overview of some of the challenges in security facing cloud computing as well as current solutions. According to a survey from IDCI in 2009, 74% IT managers and CIOs believed that the primary challenge that hinders them from using cloud computing services is cloud computing security issues (Chen, 2012). Choosing the right vendor can sometimes be challenging, as different vendors offer different levels of security and understanding the differences can be difficult to comprehend. Figure 2 shows a visual of cloud computing security architecture. Figure 2. Cloud Computing Security Architecture Key management, as Chen points out turns into a major issue. Not every company has the infrastructure to manage massive amounts of keys with the type of protocols that advanced encryption requires. Ultimately Chen believes a fully homomorphic encryption scheme, like that developed by IBM, would solve the majority of problems facing cloud security by allowing data to remain encrypted while being processed. Encryption Methodologies This section outlines the two main types of encryption classifications, symmetric and asymmetric, and gets into specific encryption techniques. A breakdown of homomorphic encryption will be given and an analysis on its future implications. Due to the importance of key management, best practices will be discussed in this section as well.
CLOUD ENCRYPTION METHODOLOGY 6 Symmetric Encryption Symmetric encryption (see Figure 3) involves the use of one single key for both encryption and decryption (Arockiam, 2013). Figure 3. Symmetric Encryption For example, a source would produce a message in plaintext. The encrypt, a key is the generated at the message source and provided to the destination through a secure channel for decryption. Because Symmetric Encryption only requires one key and is the more simplistic form of encryption, it is much faster method than asymmetric, and is almost exclusively used to transmit data in bulk. It requires much less computational power than asymmetric and because of this, is much more cost-efficient. DES. The Data Encryption Standard (DES) is a block cipher developed in 1977 by the National Institute of Standards (Chatterjee, 2017). At the encryption site, DES takes 64-bit plaintext and creates 64-bit cipher text. During decryption, 64-bit cipher text is created back to 64-bit plaintext, so both the cipher and plaintext stay at 64-bit throughout the entire process. The key however is a 56-bit cipher key used for both encryption and decryption. Encryption takes place in two permutations, initial and final permutation. There are sixteen different rounds throughout encryption and each round uses a different sort of 48-bit key which is generated from the cipher key based on a predefined algorithm. See Figure 5.
CLOUD ENCRYPTION METHODOLOGY 7 Figure 4. DES Architecture AES. Advanced Encryption Standard (AES) is a symmetric key algorithm. Each of the ciphers has a 128-bit block size with key sizes of 128, 192, and 256 bits (Chatterjee, 2017). See Figure 5. Figure 5. AES Architecture With AES, rows are shifted in a transposition step where each row is shifted a certain number of steps. Columns are mixed, combining the four bytes in each column. The key that is generated follows the shifts in the rows and mixed columns to generate a key that is used for both encryption and decryption, as it is symmetric. The National Institute of Standards developed AES in 1997 for the U.S. government (Rouse, 2020). AES VS DES. AES was developed largely to replace DES in securing classified information for the US government. The time required to crack an encryption algorithm is directly related to the length of the key used to secure the communication (Rouse, 2020).
CLOUD ENCRYPTION METHODOLOGY 8 AES has much larger key sizes—128-bit, 192-bit, and 256-bit, making it much stronger than the 56-bit key of DES. Asymmetric Encryption In Asymmetric Encryption, different keys are used for encryption and decryption. Each of the receivers have their own key for decryption, known as their private key. Receivers share a key for encryption, known as the public key. Due to this two-key architecture, Asymmetric has a much higher level of security. Common applications for Asymmetric Encryption include blockchain, text communication, and intellectual property. See Figure 6. Figure 6. Asymmetric Encryption RSA. The oldest and still most used asymmetric cryptosystem is RSA encryption (Chatterjee, 2017). Considered the most secure used method of encryption, RSA involves two keys, the private key and the public key. In the verification process, the server implements authentication of the public key by signing a unique message known as the digital signature. The use of a digital signature allows for further security. The key sizes for RSA are far larger (512- bit, 1024-bit, 2048-bit, 3072-bit, and 4096-bit) than those of Symmetric methods making it far more secure. Homomorphic Encryption A current limitation to cloud computing is that encryption can only be applied to data that is in a storage state or transmission state. Homomorphic Encryption allows data to be processed while still in an encrypted state (Chauhan, 2015). For example, plain text of 5 and 10 could be encrypted to X and YZ. X and YZ could then be added together to form (X+YZ). No party would ever know the value of (X+YZ) is equal to 15, because they would only be able to see the encrypted text, X and YZ. Only until the final step of decryption, would the receiver know that (X+YZ) =15. See Figure 7.
CLOUD ENCRYPTION METHODOLOGY 9 Figure 7. Homomorphic Encryption Example Because the level of computational power required for Homomorphic Encryption is tremendous, Homomorphic is still very young in its development and is not able to be adopted widely. The biggest benefit Homomorphic Encryption could potentially have, is allowing parties to share data with each other, while still protecting each party’s individual data from being revealed. A practical application would include free elections where votes could be added up while keeping the results of each vote private, allowing for a more secure and transparent election process. Currently IBM and Microsoft are working to speed up the process of Homomorphic Encryption in hopes that it can soon be deployed on a much larger scale. Key Management Best Practices Encryption, both Symmetric and Asymmetric, is only as reliable as the security of its keys. Symmetric is more vulnerable since the same key is used for encryption and decryption. Key management can be a challenge for many parties with the complexity of key protocols. Best practices should include: • Centralize Encryption key management systems • Use automation to rotate keys at set intervals • Keep strict logging and auditing of encryption key use • Create an Encryption Key Management Policy for Employees • Rotate Your Keys Companies should adopt centralized, in-house key management policies. However, many companies and organizations may not have the underlying infrastructure, so hiring a third-party
CLOUD ENCRYPTION METHODOLOGY 10 key management service may be required. By centralizing encryption keys, it minimizes the number of places where keys can get exposed to attackers. Conclusion and Future Scope Cloud computing is emerging as a standard practice in information technology for companies and organizations across the globe. As it becomes more common place, so will the need to secure against current known threats and unknown threats that have yet to be determined. Ultimately encryption is the best defense against cyber criminals attacking the cloud. The two distinct encryption algorithms are Symmetric and Asymmetric. Symmetric is highly efficient and is best for transmitting data in bulk, where Asymmetric offers a much higher level of security through a public and private key. Best practices and set policies should be used when approaching key management. Homomorphic Encryption offers a large scope possibility of future improvement and still early in development. Finding ways to decrease the amount of computational overhead for Homomorphic to be efficient, leaves much research for the future. Advances in machine learning are a likely avenue for Homomorphic and need to be investigated.
CLOUD ENCRYPTION METHODOLOGY 11 References Arockiam, L. (2013). Data Security and Privacy in Cloud Storage using Hybrid Symmetric Encryption Algorithm. Retrieved November 11, 2020, from https://www.academia.edu/6899998/Data_Security_and_Privacy_in_Cloud_Storage_using_Hybr id_Symmetric_Encryption_Algorithm Birch, S. (2016, August 05). IBM's CEO on hackers: "Cyber crime is the greatest threat to every company in the world". Retrieved November 18, 2020, from https://www.ibm.com/blogs/nordic- msp/ibms-ceo-on-hackers-cyber-crime-is-the-greatest-threat-to-every-company-in-the-world/ Chatterjee, R. (n.d.). (PDF) Cryptography in Cloud Computing: A Basic Approach to ... Retrieved November 11, 2020, from https://www.researchgate.net/publication/320755577_Cryptography_in_Cloud_Computing_A_B asic_Approach_to_Ensure_Security_in_Cloud D. Chen and H. Zhao, "Data Security and Privacy Protection Issues in Cloud Computing," 2012 International Conference on Computer Science and Electronics Engineering, Hangzhou, 2012, pp. 647-651, doi: 10.1109/ICCSEE.2012.193. K. K. Chauhan, A. K. S. Sanger and A. Verma, "Homomorphic Encryption for Data Security in Cloud Computing," 2015 International Conference on Information Technology (ICIT), Bhubaneswar, 2015, pp. 206-209, doi: 10.1109/ICIT.2015.39. MANDEEP KAUR MANISH MAHAJAN (2013) Using encryption Algorithms to enhance the Data Security in Cloud Computing. International Journal of Communication and Computer Technologies, 1 (2), 130-133. doi:10.31838/ijccts/01.02.12 Rouse, M. (2020, April 17). What is AES Encryption and How Does it Work? Retrieved November 19, 2020, from https://searchsecurity.techtarget.com/definition/Advanced-Encryption- Standard Singla, Jasmeet Singh, S. (2013). Cloud Data Security using Authentication and Encryption Technique. Global Journal Of Computer Science And Technology, . Retrieved from https://computerresearch.org/index.php/computer/article/view/201 X. Yu and Q. Wen, "A View about Cloud Data Security from Data Life Cycle," 2010 International Conference on Computational Intelligence and Software Engineering, Wuhan, 2010, pp. 1-4, doi: 10.1109/CISE.2010.5676895 Thakkar, J. (2020, November 03). 12 Enterprise Encryption Key Management Best Practices. Retrieved November 11, 2020, from https://www.thesslstore.com/blog/12-enterprise-encryption- key-management-best-practices/ Thakkar, J. (2020, November 03). 12 Enterprise Encryption Key Management Best Practices. Retrieved November 11, 2020, from https://www.thesslstore.com/blog/12-enterprise-encryption- key-management-best-practices/ 12 Benefits of Cloud Computing and Its Advantages. (2020). Retrieved November 18, 2020, from https://www.salesforce.com/products/platform/best-practices/benefits-of-cloud-computing/

More Related Content

PDF
Research Paper Digital Forensics on Google Cloud Platform
bySamuel Borthwick
 
PDF
C017421624
byIOSR Journals
 
PDF
Secure Data Sharing In an Untrusted Cloud
byIJERA Editor
 
PDF
International Journal of Computational Engineering Research(IJCER)
byijceronline
 
PDF
Security Issues’ in Cloud Computing and its Solutions.
byIJCERT JOURNAL
 
PDF
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...
bydbpublications
 
PDF
Challenges and Proposed Solutions for Cloud Forensic
byIJERA Editor
 
PDF
Comparison of data security in grid and cloud
byeSAT Publishing House
 
Research Paper Digital Forensics on Google Cloud Platform
bySamuel Borthwick
 
C017421624
byIOSR Journals
 
Secure Data Sharing In an Untrusted Cloud
byIJERA Editor
 
International Journal of Computational Engineering Research(IJCER)
byijceronline
 
Security Issues’ in Cloud Computing and its Solutions.
byIJCERT JOURNAL
 
Role Based Access Control Model (RBACM) With Efficient Genetic Algorithm (GA)...
bydbpublications
 
Challenges and Proposed Solutions for Cloud Forensic
byIJERA Editor
 
Comparison of data security in grid and cloud
byeSAT Publishing House
 

What's hot

PDF
Improve HLA based Encryption Process using fixed Size Aggregate Key generation
byEditor IJMTER
 
PDF
Single Sign-on Authentication Model for Cloud Computing using Kerberos
byDeepak Bagga
 
PDF
An proficient and Confidentiality-Preserving Multi- Keyword Ranked Search ove...
byEditor IJCATR
 
PDF
5.[40 44]enhancing security in cloud computing
byAlexander Decker
 
PDF
Br36413417
byIJERA Editor
 
PDF
B1802041217
byIOSR Journals
 
PDF
International Journal of Engineering Research and Development
byIJERD Editor
 
PDF
Privacy and Integrity Preserving in Cloud Storage Devices
byIOSR Journals
 
PDF
Improving security for data migration in cloud computing using randomized enc...
byIOSR Journals
 
PDF
Analysis of classical encryption techniques in cloud computing
byredpel dot com
 
PDF
Cloud Data Security and Secure Data Sharing Methods
byIJCSIS Research Publications
 
PDF
Enhanced Integrity Preserving Homomorphic Scheme for Cloud Storage
byIRJET Journal
 
PDF
The Death Of Computer Forensics: Digital Forensics After the Singularity
byTech and Law Center
 
PDF
Research On Preserving User Confidentiality In Cloud Computing – Design Of A ...
byIJERA Editor
 
PDF
Cloud Data Security and Secure Data Sharing Methods
byIJCSIS Research Publications
 
PDF
A Security Model for Virtual Infrastructure in the Cloud
byEditor IJCATR
 
DOCX
pay as you decrypt decryption outsourcing for functional encryption using blo...
byVenkat Projects
 
PDF
G033030035
byijceronline
 
PDF
Groupchain
byTamzida_Azad
 
PDF
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur...
byijsrd.com
 
Improve HLA based Encryption Process using fixed Size Aggregate Key generation
byEditor IJMTER
 
Single Sign-on Authentication Model for Cloud Computing using Kerberos
byDeepak Bagga
 
An proficient and Confidentiality-Preserving Multi- Keyword Ranked Search ove...
byEditor IJCATR
 
5.[40 44]enhancing security in cloud computing
byAlexander Decker
 
Br36413417
byIJERA Editor
 
B1802041217
byIOSR Journals
 
International Journal of Engineering Research and Development
byIJERD Editor
 
Privacy and Integrity Preserving in Cloud Storage Devices
byIOSR Journals
 
Improving security for data migration in cloud computing using randomized enc...
byIOSR Journals
 
Analysis of classical encryption techniques in cloud computing
byredpel dot com
 
Cloud Data Security and Secure Data Sharing Methods
byIJCSIS Research Publications
 
Enhanced Integrity Preserving Homomorphic Scheme for Cloud Storage
byIRJET Journal
 
The Death Of Computer Forensics: Digital Forensics After the Singularity
byTech and Law Center
 
Research On Preserving User Confidentiality In Cloud Computing – Design Of A ...
byIJERA Editor
 
Cloud Data Security and Secure Data Sharing Methods
byIJCSIS Research Publications
 
A Security Model for Virtual Infrastructure in the Cloud
byEditor IJCATR
 
pay as you decrypt decryption outsourcing for functional encryption using blo...
byVenkat Projects
 
G033030035
byijceronline
 
Groupchain
byTamzida_Azad
 
Effective & Flexible Cryptography Based Scheme for Ensuring User`s Data Secur...
byijsrd.com
 

Similar to Exploring Cloud Encryption

PDF
U04503119122
byIJERA Editor
 
PDF
A Novel Approach for Data Security in Cloud Environment
bySHREYASSRINATH94
 
PDF
IRJET- Data Security in Cloud Computing using Cryptographic Algorithms
byIRJET Journal
 
PDF
Cloud Cryptography
byijtsrd
 
PDF
IRJET- Ensuring Security in Cloud Computing Cryptography using Cryptography
byIRJET Journal
 
PDF
Cloud computing and a new approach in data encryption technique
byMahmuda Rahman
 
PDF
Cloud security: literature survey
byIJECEIAES
 
PDF
262 265
byEditor IJARCET
 
PPTX
Cloud Encryption
byRituparnaNag
 
PDF
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
byEditor IJCATR
 
PDF
Secure Cloud Environment Using RSA Algorithm
byIRJET Journal
 
PDF
Improving Data Storage Security in Cloud using Hadoop
byIJERA Editor
 
PDF
Enhancing Privacy in Cloud Service Provider Using Cryptographic Algorithm
byIOSR Journals
 
PDF
Application of Elliptical Curve Cryptography in Empowering Cloud Data Security
byrahulmonikasharma
 
PDF
F017414853
byIOSR Journals
 
PDF
Kp3419221926
byIJERA Editor
 
PDF
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
byIRJET Journal
 
PDF
IRJET- Secure File Storage on Cloud using Cryptography
byIRJET Journal
 
PDF
Enhancing Cloud Computing Security for Data Sharing Within Group Members
byiosrjce
 
PDF
Q01725110114
byIOSR Journals
 
U04503119122
byIJERA Editor
 
A Novel Approach for Data Security in Cloud Environment
bySHREYASSRINATH94
 
IRJET- Data Security in Cloud Computing using Cryptographic Algorithms
byIRJET Journal
 
Cloud Cryptography
byijtsrd
 
IRJET- Ensuring Security in Cloud Computing Cryptography using Cryptography
byIRJET Journal
 
Cloud computing and a new approach in data encryption technique
byMahmuda Rahman
 
Cloud security: literature survey
byIJECEIAES
 
262 265
byEditor IJARCET
 
Cloud Encryption
byRituparnaNag
 
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo...
byEditor IJCATR
 
Secure Cloud Environment Using RSA Algorithm
byIRJET Journal
 
Improving Data Storage Security in Cloud using Hadoop
byIJERA Editor
 
Enhancing Privacy in Cloud Service Provider Using Cryptographic Algorithm
byIOSR Journals
 
Application of Elliptical Curve Cryptography in Empowering Cloud Data Security
byrahulmonikasharma
 
F017414853
byIOSR Journals
 
Kp3419221926
byIJERA Editor
 
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
byIRJET Journal
 
IRJET- Secure File Storage on Cloud using Cryptography
byIRJET Journal
 
Enhancing Cloud Computing Security for Data Sharing Within Group Members
byiosrjce
 
Q01725110114
byIOSR Journals
 

Recently uploaded

PPTX
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
 
PPTX
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
 
PDF
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
PDF
Track Phone Location by Number (2026)_ What’s Actually Possible for Free (and...
byEmily Woods
 
PPTX
Introduction to Artificial Intelligence (AI).pptx
byammar414783
 
PDF
How to build hackthon projects from ZERO!
byishantyadav1111
 
PDF
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
PDF
Analyze and Preserve Logs - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Track Phone Location via Number (2026)_ What Actually Works, What’s a Scam, a...
byEmily Woods
 
PDF
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
PDF
GenerationAI Paris 2025 | How Agentic AI is Reinventing Organizations
byapidays
 
PPTX
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
 
PDF
Post Quantum Cryptography for Dummies.pdf
byAde Ismail Isnan
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
PDF
GenerationAI Paris 2025 | City of Light (COL)
byapidays
 
PPTX
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
PDF
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
PDF
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
Beyond the Algorithm: Designing Human-Centric Public Service with AI
byAlan Dix
 
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
 
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
Track Phone Location by Number (2026)_ What’s Actually Possible for Free (and...
byEmily Woods
 
Introduction to Artificial Intelligence (AI).pptx
byammar414783
 
How to build hackthon projects from ZERO!
byishantyadav1111
 
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
Analyze and Preserve Logs - RHCSA (RH134).pdf
byLinuxCert Guru
 
Track Phone Location via Number (2026)_ What Actually Works, What’s a Scam, a...
byEmily Woods
 
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
GenerationAI Paris 2025 | How Agentic AI is Reinventing Organizations
byapidays
 
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
 
Post Quantum Cryptography for Dummies.pdf
byAde Ismail Isnan
 
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
GenerationAI Paris 2025 | City of Light (COL)
byapidays
 
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
Configure and Manage Systemd Timers- RHCSA (RH134).pdf
byLinuxCert Guru
 
Traditional-Security-Models-No-Longer-Work.pptx (1).pdf
byOhhproJunction
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 

Exploring Cloud Encryption

  • 1.
    CLOUD ENCRYPTION METHODOLOGY1 Exploring the Cloud Encryption: The Past and the Future Samuel A. Borthwick CIT 516000: Database Security and Auditing Dr. Xiao Luo November 18, 2020
  • 2.
    CLOUD ENCRYPTION METHODOLOGY2 Abstract Cloud computing is becoming increasingly more common as a way for organizations to work due to virtualization. Securing data over cloud is still a barrier many parties face when deciding whether to adopt cloud. Encryption is a major component of security when working with cloud databases. This research analysis will go over the various encryption methods and summarize the previous research in encryption that has been done to this point. The advantages of Symmetric and Asymmetric Encryption will be discussed in terms of security and efficiency. As encryption becomes more advanced, so the need for proper key management increases as well. This paper will conclude with a look at what could be the future of cloud encryption, Homomorphic Encryption. Exploring the Cloud Encryption: The Past and the Future The emergence of Cloud computing has changed the way businesses have set up their IT infrastructure. Salesforce’s article, 12 Benefits of Cloud Computing, references a study done by the International Data Group that states “69% of businesses are already using cloud technology in one capacity or another, and 18% say they plan to implement cloud-computing solutions at some point” (12 Benefits of Cloud Computing, 2020). The benefits of using cloud computing are tremendous and companies are starting to realize how vital it will be for their future. Cloud computing, like that of web-based email, allows users to access all their files and applications without having to keep the physical data on their own computers. The flexibility to not have an established network infrastructure is not just a huge cost savings to companies, but it also serves as a way for a much faster implementation by leasing Cloud data storage. With the increased convenience of accessing data, comes an increased risk in security threats as well as complex cloud-specific threats that may be unrecognizable to conventional database administrators. If a business’s data can be accessed by its employees at any location, it is reasonable to predict that cybercriminals will likely attempt to take advantage of this increasingly popular system. The implications of a data leak from any company could have devastating consequences. The CEO and President of IBM, Ginni Rometty, stated that cybercrime, “Is the greatest threat to every profession, every industry, every company in the world” (Rometty, 2015). A key role in cloud security is the encryption and decryption of data in the cloud. This paper will provide a review of current cloud encryption research, analyze the various encryption methods that apply to cloud computing, and go over best practices. Literature Review A View About Cloud Data Security from Data Life Cycle This publication by Xiaojun Yu and Qiaoyan Wen details how data security has become the central problem of cloud computing (Yu, 2010). The authors make the argument that that
  • 3.
    CLOUD ENCRYPTION METHODOLOGY3 cloud data security should be solved from the data life cycle. The data life cycle model they refer to, as shown in Figure 1, includes 5 stages: create, store, Use and share, archive, and destruct. Figure 1. Data Life Cycle Model Internal threats are most likely to com from cloud service providers and users of the clous where external threats can come anywhere (Yu, 2010). As soon as data is generated, that is when risks are present. The adversary could do several things from data tampering to editing the access controls. Stored data presents the most risks, as this is when the data is the most vulnerable. Information has the potential to leak while creating a backup. Sharing data further poses a risk due to the means of transmitting the data. The archive stage is often safer due to the data not being used temporarily, but until data is completely destroyed in the destruct phase, threats still pose a risk. Yu’s premise is based off taking the following five steps when initiating the general data security process (Yu, 2010): 1. The user classifies data with sensitivity level as it is created. 2. The user then stored data into the cloud via contact with a cloud sever. The client should encrypt the data before sending it to the cloud server proxy or build a secure link in which the data is stored to the cloud. 3. Data that is not actively being used is archived. 4. When transmitting data, the cloud server proxy gives proof of data integrity to the client. If integrity of data is intact, key management is then initiated to start the transmission of data 5. When the data is no longer needed, the client sends a data destroy request to the cloud proxy who will then initiate the process of destroying data, followed by sending back proof to the client. This step to include key management between the client and cloud proxy, so that vital information is not deleted from internal or external threats. Cryptography in Cloud Computing: A Basic Approach to Ensure Security in Cloud Rishav Chatterjee is his research article, Cryptography in Cloud Computing: A Basic Approach to Ensure Security in Cloud, gives an overview of the benefits of cloud computing that make it so attractive to companies. Cloud computing requires no underlying infrastructure and follows a user-friendly model that only requires payment for storage used (Chatterjee, 2017).
  • 4.
    CLOUD ENCRYPTION METHODOLOGY4 Furthermore, it allows for virtualization of physical resources and wide accessibility that was not previously obtainable. According to Chatterjee, there are two unique groups of models: deployment models and service models. The deployment model consists of Private cloud, Public cloud, and a hybrid of both. Service models on the other hand consist of Iaas, Saas, and Paas. While the benefits of cloud are overwhelming, privacy and security remain a concern. Different types of service models under cloud computing offer different levels of security services. Iaas (Infrastructure as a Service) offers the minimum security, while Saas offers the highest level of security. This paper looks at the various algorithms in encryption including Symmetric, Asymmetric, and Hashing. and encryption techniques. Brief summaries of encryption techniques are provided for Advanced Encryption Standard, Blowfish Algorithm, Data Encryption Standard, and RSA Cryptosystem. The research article ends with discussing the most prominent problems facing cloud computing such as data theft, data integrity, loss of data, and location of data. Homomorphic Encryption for Data Security in Cloud Computing Traditional standard encryption methods provide security during data storage and data transmission (Chauthan, 2015). Encryption for data in the processing state has not been possible without first decryption. This poses a great security risk for cloud computing and has since been a barrier to organizations considering the transfer to cloud. The reason this is a concern is because data confidentiality must be forfeited for any operations (totals, averages, standard deviations) to be performed on the data. The author of this research paper, Kamal Chauhan, argues that the solution to this problem would be to perform operations on data that is currently encrypted on the cloud server. This type of encryption is referred to as Homomorphic Encryption. The homomorphic encryption technique allows the user to operate ciphertext directly. The user can decrypt the results of the cipher and see that it matches the same as if operations were carried out in plaintext. While this has the potential to change cloud security for the better, it still is developing and currently carries several obstacles. It is very inefficient in the amount of time it takes to complete operations. Furthermore, the amount of operations that can be done are very limited. More computing power is needed for this encryption to be rolled out on a massive scale. Data Security and Privacy in Cloud Storage using Hybrid Symmetric Encryption Algorithm Dr. Arockiam notes in this research paper, that while cloud computing is transformative in its ability to store massive amounts of data and centralize data warehouses, it does leave room for opportunistic cyber thieves (Arockiam, 2013). Many research problems are yet to be identified, giving leverage to criminal behavior as the rush to both harm and defend cloud databases intensifies. Dr. Arockiam identifies Symmetric encryption as best suited for handling large volumes of data efficiently in cloud storage. This paper also proposes an algorithm improving on classical encryption techniques by integrating substitution cipher and transposition cipher. Dr. Arockiam describes the algorithm:
  • 5.
    CLOUD ENCRYPTION METHODOLOGY5 “In the proposed algorithm, initially the plain text is converted into corresponding ASCII code value of each alphabet. In classical encryption technique, the key value ranges between 1 to 26 or key may be string (combination alphabets). But in proposed algorithm, key value range between 1 to 256. This algorithm is used to encrypt the data of the user in the clouds. Since the user has no control over the data after his session is logged out, the encryption key acts as the primary authentication for the user” (Arockiam, 2013). Data Security and Privacy Protection Issues in Cloud Computing This paper by Deyan Chen provides an overview of some of the challenges in security facing cloud computing as well as current solutions. According to a survey from IDCI in 2009, 74% IT managers and CIOs believed that the primary challenge that hinders them from using cloud computing services is cloud computing security issues (Chen, 2012). Choosing the right vendor can sometimes be challenging, as different vendors offer different levels of security and understanding the differences can be difficult to comprehend. Figure 2 shows a visual of cloud computing security architecture. Figure 2. Cloud Computing Security Architecture Key management, as Chen points out turns into a major issue. Not every company has the infrastructure to manage massive amounts of keys with the type of protocols that advanced encryption requires. Ultimately Chen believes a fully homomorphic encryption scheme, like that developed by IBM, would solve the majority of problems facing cloud security by allowing data to remain encrypted while being processed. Encryption Methodologies This section outlines the two main types of encryption classifications, symmetric and asymmetric, and gets into specific encryption techniques. A breakdown of homomorphic encryption will be given and an analysis on its future implications. Due to the importance of key management, best practices will be discussed in this section as well.
  • 6.
    CLOUD ENCRYPTION METHODOLOGY6 Symmetric Encryption Symmetric encryption (see Figure 3) involves the use of one single key for both encryption and decryption (Arockiam, 2013). Figure 3. Symmetric Encryption For example, a source would produce a message in plaintext. The encrypt, a key is the generated at the message source and provided to the destination through a secure channel for decryption. Because Symmetric Encryption only requires one key and is the more simplistic form of encryption, it is much faster method than asymmetric, and is almost exclusively used to transmit data in bulk. It requires much less computational power than asymmetric and because of this, is much more cost-efficient. DES. The Data Encryption Standard (DES) is a block cipher developed in 1977 by the National Institute of Standards (Chatterjee, 2017). At the encryption site, DES takes 64-bit plaintext and creates 64-bit cipher text. During decryption, 64-bit cipher text is created back to 64-bit plaintext, so both the cipher and plaintext stay at 64-bit throughout the entire process. The key however is a 56-bit cipher key used for both encryption and decryption. Encryption takes place in two permutations, initial and final permutation. There are sixteen different rounds throughout encryption and each round uses a different sort of 48-bit key which is generated from the cipher key based on a predefined algorithm. See Figure 5.
  • 7.
    CLOUD ENCRYPTION METHODOLOGY7 Figure 4. DES Architecture AES. Advanced Encryption Standard (AES) is a symmetric key algorithm. Each of the ciphers has a 128-bit block size with key sizes of 128, 192, and 256 bits (Chatterjee, 2017). See Figure 5. Figure 5. AES Architecture With AES, rows are shifted in a transposition step where each row is shifted a certain number of steps. Columns are mixed, combining the four bytes in each column. The key that is generated follows the shifts in the rows and mixed columns to generate a key that is used for both encryption and decryption, as it is symmetric. The National Institute of Standards developed AES in 1997 for the U.S. government (Rouse, 2020). AES VS DES. AES was developed largely to replace DES in securing classified information for the US government. The time required to crack an encryption algorithm is directly related to the length of the key used to secure the communication (Rouse, 2020).
  • 8.
    CLOUD ENCRYPTION METHODOLOGY8 AES has much larger key sizes—128-bit, 192-bit, and 256-bit, making it much stronger than the 56-bit key of DES. Asymmetric Encryption In Asymmetric Encryption, different keys are used for encryption and decryption. Each of the receivers have their own key for decryption, known as their private key. Receivers share a key for encryption, known as the public key. Due to this two-key architecture, Asymmetric has a much higher level of security. Common applications for Asymmetric Encryption include blockchain, text communication, and intellectual property. See Figure 6. Figure 6. Asymmetric Encryption RSA. The oldest and still most used asymmetric cryptosystem is RSA encryption (Chatterjee, 2017). Considered the most secure used method of encryption, RSA involves two keys, the private key and the public key. In the verification process, the server implements authentication of the public key by signing a unique message known as the digital signature. The use of a digital signature allows for further security. The key sizes for RSA are far larger (512- bit, 1024-bit, 2048-bit, 3072-bit, and 4096-bit) than those of Symmetric methods making it far more secure. Homomorphic Encryption A current limitation to cloud computing is that encryption can only be applied to data that is in a storage state or transmission state. Homomorphic Encryption allows data to be processed while still in an encrypted state (Chauhan, 2015). For example, plain text of 5 and 10 could be encrypted to X and YZ. X and YZ could then be added together to form (X+YZ). No party would ever know the value of (X+YZ) is equal to 15, because they would only be able to see the encrypted text, X and YZ. Only until the final step of decryption, would the receiver know that (X+YZ) =15. See Figure 7.
  • 9.
    CLOUD ENCRYPTION METHODOLOGY9 Figure 7. Homomorphic Encryption Example Because the level of computational power required for Homomorphic Encryption is tremendous, Homomorphic is still very young in its development and is not able to be adopted widely. The biggest benefit Homomorphic Encryption could potentially have, is allowing parties to share data with each other, while still protecting each party’s individual data from being revealed. A practical application would include free elections where votes could be added up while keeping the results of each vote private, allowing for a more secure and transparent election process. Currently IBM and Microsoft are working to speed up the process of Homomorphic Encryption in hopes that it can soon be deployed on a much larger scale. Key Management Best Practices Encryption, both Symmetric and Asymmetric, is only as reliable as the security of its keys. Symmetric is more vulnerable since the same key is used for encryption and decryption. Key management can be a challenge for many parties with the complexity of key protocols. Best practices should include: • Centralize Encryption key management systems • Use automation to rotate keys at set intervals • Keep strict logging and auditing of encryption key use • Create an Encryption Key Management Policy for Employees • Rotate Your Keys Companies should adopt centralized, in-house key management policies. However, many companies and organizations may not have the underlying infrastructure, so hiring a third-party
  • 10.
    CLOUD ENCRYPTION METHODOLOGY10 key management service may be required. By centralizing encryption keys, it minimizes the number of places where keys can get exposed to attackers. Conclusion and Future Scope Cloud computing is emerging as a standard practice in information technology for companies and organizations across the globe. As it becomes more common place, so will the need to secure against current known threats and unknown threats that have yet to be determined. Ultimately encryption is the best defense against cyber criminals attacking the cloud. The two distinct encryption algorithms are Symmetric and Asymmetric. Symmetric is highly efficient and is best for transmitting data in bulk, where Asymmetric offers a much higher level of security through a public and private key. Best practices and set policies should be used when approaching key management. Homomorphic Encryption offers a large scope possibility of future improvement and still early in development. Finding ways to decrease the amount of computational overhead for Homomorphic to be efficient, leaves much research for the future. Advances in machine learning are a likely avenue for Homomorphic and need to be investigated.
  • 11.
    CLOUD ENCRYPTION METHODOLOGY11 References Arockiam, L. (2013). Data Security and Privacy in Cloud Storage using Hybrid Symmetric Encryption Algorithm. Retrieved November 11, 2020, from https://www.academia.edu/6899998/Data_Security_and_Privacy_in_Cloud_Storage_using_Hybr id_Symmetric_Encryption_Algorithm Birch, S. (2016, August 05). IBM's CEO on hackers: "Cyber crime is the greatest threat to every company in the world". Retrieved November 18, 2020, from https://www.ibm.com/blogs/nordic- msp/ibms-ceo-on-hackers-cyber-crime-is-the-greatest-threat-to-every-company-in-the-world/ Chatterjee, R. (n.d.). (PDF) Cryptography in Cloud Computing: A Basic Approach to ... Retrieved November 11, 2020, from https://www.researchgate.net/publication/320755577_Cryptography_in_Cloud_Computing_A_B asic_Approach_to_Ensure_Security_in_Cloud D. Chen and H. Zhao, "Data Security and Privacy Protection Issues in Cloud Computing," 2012 International Conference on Computer Science and Electronics Engineering, Hangzhou, 2012, pp. 647-651, doi: 10.1109/ICCSEE.2012.193. K. K. Chauhan, A. K. S. Sanger and A. Verma, "Homomorphic Encryption for Data Security in Cloud Computing," 2015 International Conference on Information Technology (ICIT), Bhubaneswar, 2015, pp. 206-209, doi: 10.1109/ICIT.2015.39. MANDEEP KAUR MANISH MAHAJAN (2013) Using encryption Algorithms to enhance the Data Security in Cloud Computing. International Journal of Communication and Computer Technologies, 1 (2), 130-133. doi:10.31838/ijccts/01.02.12 Rouse, M. (2020, April 17). What is AES Encryption and How Does it Work? Retrieved November 19, 2020, from https://searchsecurity.techtarget.com/definition/Advanced-Encryption- Standard Singla, Jasmeet Singh, S. (2013). Cloud Data Security using Authentication and Encryption Technique. Global Journal Of Computer Science And Technology, . Retrieved from https://computerresearch.org/index.php/computer/article/view/201 X. Yu and Q. Wen, "A View about Cloud Data Security from Data Life Cycle," 2010 International Conference on Computational Intelligence and Software Engineering, Wuhan, 2010, pp. 1-4, doi: 10.1109/CISE.2010.5676895 Thakkar, J. (2020, November 03). 12 Enterprise Encryption Key Management Best Practices. Retrieved November 11, 2020, from https://www.thesslstore.com/blog/12-enterprise-encryption- key-management-best-practices/ Thakkar, J. (2020, November 03). 12 Enterprise Encryption Key Management Best Practices. Retrieved November 11, 2020, from https://www.thesslstore.com/blog/12-enterprise-encryption- key-management-best-practices/ 12 Benefits of Cloud Computing and Its Advantages. (2020). Retrieved November 18, 2020, from https://www.salesforce.com/products/platform/best-practices/benefits-of-cloud-computing/