RODRIGUES, Marcos (2016). Secure Cloud Access by Design. In: Brazilian Symposium on Information Systems – SBSI 2016, Florianopolis, Brazil, May 17-20, 2016.
Secure Cloud Access by Design.pdf - Accepted Version
Available under License Creative Commons Public Domain Dedication.
Download (20kB) | Preview
PDF (Letter of invitation)
sbsi2016 invitation letter.pdf - Other
Restricted to Repository staff only
Edward Snowden’s revelations were a political fiasco and an economic threat to US based tech companies. The extent of NSA’s data collection drove away overseas customers in large numbers over security and privacy concerns creating, at the same time, an opportunity for non-US tech companies. Given that cloud computing is a remotely accessed service, the connection between provider and customer needs to be adequately protected against all known security risks. In order to ensure this, an open and clear specification of all standards, technologies and security protocols adopted by the cloud provider is required. In this presentation, we will review current issues concerned with security threats to cloud computing and present a solution based on our unique patented compression-encryption method. The method provides highly efficient data compression where a unique symmetric key is generated as part of the compression process and is dependent on the characteristics of the data. Without the key, the data cannot be decompressed. We focus on threat prevention by cryptography that, if properly implemented, is virtually impossible to break directly. Our security by design is based on two principles: first, defence in depth, where our proposed design is such that more than one subsystem needs to be violated to get both the data and their key. Second, the principle of least privilege, where the attacker may gain access to only part of a system. The presentation will highlight the benefits of the solution that include performance, less bandwidth requirements, faster data transmission and response times, less storage space, and less energy consumption among others. Data protection and privacy legislations are not similar across the globe. Our solution addresses security and privacy issues to the highest standards, addressing concerns when cloud computing platforms are located in servers either inside or outside the European Union.
|Item Type:||Conference or Workshop Item (Keynote)|
|Research Institute, Centre or Group:||Cultural Communication and Computing Research Institute > Communication and Computing Research Centre|
|Depositing User:||Marcos Rodrigues|
|Date Deposited:||26 Apr 2016 10:30|
|Last Modified:||14 Jan 2017 20:32|
Actions (login required)
Downloads per month over past year