to secure the exchange of information on a public cloud, the technique used establishes a secure communication channel by having mutual authentication between two or more users who want to exchange data, this mutual authentication happens by sharing keys used for confidential communication. 4. Authenticated key exchange:
Cloud-managed-key cryptographic scheme has been developed by NTT which solves the issue of managing keys in public by managing the decryption for public keys in the securely out sourced in the key management cloud this allows users to benefit from encrypted content without managing the decryption keys. This also makes it possible to disable access to users who are not authenticated to access the content anymore.
Allowing users to manage decryption keys is a major issue, since users have the key to decrypt cypher text at any time, this means users can view the ciphered content even if they no longer have authority to access it.
3. Cloud cryptographic scheme:
Intelligent encryption fixes this issue by specifying the conditions under which encrypted data can be viewed. This means that viewing data can only happen when the attributed required to view data meats the attributed in the access key held by the viewers.
Unlike secure computing, encryption allows data to be stored safely in the same server, however traditional cryptography methods allow only one person to view the clear content which defeat one of the main advantages of cloud computing applications which is to allow large numbers of people access data from different places.
2. Intelligent encryption:
this technology stores data across more than one server to maintain safety even if information was leaked from one of the servers 10, figure 2 below explains this technology in a simplified way. Although the technology is known to be secure but practicality has been questioned by the limited processing speed. NTT developed a secure computing system that is considered the fasted in the world with the speed of 1 million operations every second.
1. Secure computing technology:
this section will focus on the technologies that could ensure the information security in the cloud.
II. CIA protection in cloud computing 9
rely on availability of data whenever the user needs to access it, cloud storage solutions such as Dropbox or Google Drive require the servers to run all the time because information is accessed from around the world and shutting down the servers for one minute will deny thousands of people access to their information.
There are many cloud based systems that are
Availability of data and computing systems is the third most important base of information security in the cloud, availability in the cloud could depend on many hardware and software factors, one of the factors is the availability of the servers hosting the cloud platform.
Sensitivity of AI systems algorithms is high because algorithms set the path for AI systems to develop accordingly and any small change in the path will result in a different outcome 8.
AI systems might be able to develop and learn through unauthorized modifications but the out could be dramatically different to the intended outcome which makes the whole system unusable.
A theoretical proof to the importance of integrity in cloud computing platforms is azure, azure allows users to create their own AI Applications or “Chat bots” and any unauthorized modifications in the data and algorithms for such applications is very sensitive and may lead to a disaster figure 1 below shows how sensitive AI applications could be.
Integrity of information is important in many cloud computing services to ensure that data is not misleading, protecting the integrity of data also protects the confidentiality of the data since access to this data is only allowed to authorized people.
Security breaches in the cloud have happened before, in 2014 almost 500 private pictures of many celebrities were stolen from their iCloud accounts through phishing attacks although later a security issue in the iCloud API was revealed to allow hackers to make unlimited attempts at guessing the victim’s password. 7
Confidentiality 6 of information in the cloud could be one of the biggest security problems cloud computing is facing and because of that many questions were raised around the issue to clarify who controls the encryption/decryption keys and the legal consequences of a security breach.
This section will Explain the importance of information security in cloud computing based applications by providing theoretical examples.
Data in the cloud should be available always and safe from theft and modification.
CIA Triad stands for the three bases that measure the security of an application, confidentiality, Integrity and Availability 5.
I. Relation Between CIA and Cloud computing
2. OneDrive 4: Microsoft’s storage solution connects Office365 application services to their outlook emails which makes sharing and editing documents possible from any device if it is connected to the internet.
1. Unity cloud based development 3: through the cloud based development unity provides, multiple developers can work on the same project at the same time without losing any data which accelerates the development process.
Below are two cloud based solutions and how the cloud integration increased the overall experience from solutions:
cloud computing platforms provides a variety of services over the internet, faster application development and lower hardware costs are some of benefits from the services provided by cloud computing platforms which made cloud based solution a great solution for many problems.