By Gilad Parann-Nissany
September 8, 2014 09:00 PM EDT
Can You Own Your Public Cloud?
Public cloud computing is surging forward into healthcare, finance, and utilities. Popular cloud-based implementations run the gamut from big data analysis to customer service applications, and everything in between. As more and more sensitive data processing is done in the cloud, encryption of data has become the obvious best practice. Google Compute Engine has provided data encryption for some time, and in a recent interview AWS's CTO said they'd like all data, or at least all sensitive business data, to be always encrypted.
Encrypting data immediately brings up the challenge of managing your encryption keys. The owner of the encryption keys is the real owner of the data and of the application. Several transitional solutions take this point only partially into account. You can sometimes store keys with hardware-based solutions, which store keys outside the cloud model and compromise elasticity and flexibility. Or you can choose to let your cloud provider own your keys.
Do you really care about this? The answer is yes, you should. Not owning your keys is a significant exposure, and its consequences can come as a surprise once you understand them. Basically, not owning your keys means that encryption depends completely on your cloud credentials: if an attacker has somehow obtained the administrative credentials to your cloud environment, the cloud provider will believe they are you, and may automatically provision the encryption keys to them. So you end up in a situation where you are not quite getting the benefit of encryption.
Is there a solution? You want — at one and the same time — to enjoy the full cloud elasticity and flexibility, and to enjoy the regulatory and security benefits of strong cloud encryption.
Take a look at split key encryption and homomorphic key management. These provide pure, software-defined key management that is as secure as you need. These techniques were recently chosen by Hewlett Packard (HP) for solving the cloud key management dilemma. They could be appropriate for you too.
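The credential-dependence exposure described above, and the effect of keeping part of the key outside the cloud account, modeled as an added example that is not code from this article or from any vendor. It assumes a plain two-share XOR split and a hypothetical `ProviderKeyStore` class; the products the article refers to may work differently.

```python
import hmac
import secrets

def split_key(data_key):
    """XOR-split a key into two shares; either share alone is uniformly random."""
    provider_share = secrets.token_bytes(len(data_key))
    customer_share = bytes(a ^ b for a, b in zip(data_key, provider_share))
    return customer_share, provider_share

def join_key(customer_share, provider_share):
    """Rebuild the data key; requires BOTH shares."""
    return bytes(a ^ b for a, b in zip(customer_share, provider_share))

class ProviderKeyStore:
    """Hypothetical cloud-side key store: hands stored material to any caller
    that presents the account's admin credential."""
    def __init__(self, admin_token):
        self._admin_token = admin_token
        self._material = {}

    def put(self, name, material):
        self._material[name] = material

    def get(self, name, token):
        if not hmac.compare_digest(token, self._admin_token):
            raise PermissionError("invalid cloud credentials")
        return self._material[name]

def simulate_credential_theft():
    """Compare what stolen admin credentials yield under each key-ownership model."""
    admin_token = secrets.token_bytes(16)   # constructed sample credential
    data_key = secrets.token_bytes(32)      # constructed sample data key
    store = ProviderKeyStore(admin_token)

    store.put("provider-owned", data_key)          # provider holds the whole key
    customer_share, provider_share = split_key(data_key)
    store.put("split", provider_share)             # provider holds one share only

    stolen_token = admin_token                     # attacker is "you" to the provider
    loot_whole = store.get("provider-owned", stolen_token)
    loot_share = store.get("split", stolen_token)
    return {
        "provider_owned_key_exposed": loot_whole == data_key,
        "split_key_exposed": loot_share == data_key,
        "owner_can_rebuild": join_key(customer_share, loot_share) == data_key,
    }

if __name__ == "__main__":
    print(simulate_credential_theft())
```

The customer share never enters the store, so the cloud credential alone recovers the full key only in the provider-owned model.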