Abstract
Businesses choosing cloud based infrastructures for all of their IT needs enjoy business agility, technical flexibility and lower IT costs – but face a security dilemma of how to use the cloud securely.
This dilemma is fostered by conventional wisdom which stipulates, that in order to achieve data protection and compliance in cloud, organizations must use hardware security mechanisms and dedicated servers. We will explain why such traditional modes of hardware based security and physical controls of servers are becoming much less relevant for the dynamic cloud ecosystem.
We will discuss the concepts of “Software defined Security” as it relates to the cloud context and the capabilities of cryptographic data protection solutions for the cloud that require no hardware. We will discuss the potential uses and benefits of Elastic Key Management & Homomorphic Encryption, an emerging mathematical technique which holds great promise for cloud security. By focusing on the specific problem of Key Management, we will show it is possible today to design high performance, software only security solutions that use Partially Homomorphic Encryption to protect encryption keys.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
[Amaz14] Amazon Web Services CloudHSM: http://aws.amazon.com/de/cloudhsm/
[BSI12] Security Recommendations for Cloud Computing Providers, 02/2012, https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Minimum_information/SecurityRecommendationsCloudComputingProviders.pdf;jsessionid=93CC753F47C4AB57FAEDE6B9A954BCDD.2_cid368?__blob=publicationFile
[CSA13] The Cloud Security Alliance: “Security Guidance for Critical Areas of Focus in Cloud Computing V 3.0”, 2013, https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf
[DaPa14] Ariel Dan, Gilad Parann-Nissany, Porticor Ltd., Homomorphic Key Management http://www.porticor.com/porticor-virtual-private-data/
[Hard13] Securing the cloud: A new algorithm solves a major problem with homomorphic encryption, which would let Web servers process data without decrypting it. Larry Hardesty, MIT News Office June 10, 2013 http://newsoffice.mit.edu/2013/algorithm-solves-homomorphic-encryption-problem-0610
[Jenn13] Roger Jennings et al., Cloud computing experts forecast the market climate in 2014, TechTarget 2013, http://searchcloudcomputing.techtarget.com/feature/Cloud-computing-experts-forecastthe-market-climate-in-2014
[KiWe14] Kim Weins, Right Scale, Cloud Computing Trends: 2014 State of Cloud Survey, http://www.rightscale.com/blog/cloud-industry-insights/cloud-computing-trends-2014-state-cloud-survey#Enterprise-Cloud-Governance-Lags-Adoption
[Koeh04] Alexander W. Koehler, Trusted Computing: From Theory to Practice in the Real World, S. Paulus, N. Pohlmann, H. Reimer: Securing Electronic Business Processes, Vieweg (2004), 209-218
[Krum14] Randy Krum, The Explosive Growth of Cloud Computing, 2014 http://www.coolinfographics.com/blog/2014/5/5/the-explosive-growth-of-cloud-computing.html
[MeGr11] Peter Mell, Timothy Grance, National Institute of Standards and Technology,SP 800-145, 2011, http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
[NePa14] Surya Nepal, Mukaddim Patah, Security, Privacy and Trust in Cloud Systems, Springer Verlag Berlin Heidelberg, 2014
[PCI11] Tokenization, described by the Tokenization Taskforce at the PCI Security Standards Council, https://www.pcisecuritystandards.org/documents/Tokenization_Guidelines_Info_Supplement.pdf
[Schn09] Bruce Schneier, Schneier on Security, Homomorphic Encryption Breakthrough, 2009, until to date: 2014 https://www.schneier.com/blog/archives/2009/07/homomorphic_enc.html
[TCG14] Trusted Computing Group on Trusted Platform Module http://www.trustedcomputinggroup.org/solutions/authentication
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer Fachmedien Wiesbaden
About this paper
Cite this paper
Koehler, A. (2014). Securing Cloud: Elastic Key Management and Homomorphic Encryption. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2014 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-06708-3_11
Download citation
DOI: https://doi.org/10.1007/978-3-658-06708-3_11
Published:
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-06707-6
Online ISBN: 978-3-658-06708-3
eBook Packages: Computer ScienceComputer Science (R0)