RODRIGUES, Marcos (2016). Secure Cloud Access by Design. In: Brazilian Symposium on Information Systems – SBSI 2016, Florianopolis, Brazil, May 17-20, 2016. [Conference or Workshop Item]
Documents
12093:37399
PDF (Abstract)
Secure Cloud Access by Design.pdf - Accepted Version
Available under License Creative Commons Public Domain Dedication.
Secure Cloud Access by Design.pdf - Accepted Version
Available under License Creative Commons Public Domain Dedication.
Download (20kB) | Preview
12093:37400
PDF (Letter of invitation)
sbsi2016 invitation letter.pdf - Other
Restricted to Repository staff only
sbsi2016 invitation letter.pdf - Other
Restricted to Repository staff only
Download (75kB)
Abstract
Edward Snowden’s revelations were a political fiasco and an economic threat to US based tech companies. The extent of NSA’s data collection drove away overseas customers in large numbers over security and privacy concerns creating, at the same time, an opportunity for non-US tech companies. Given that cloud computing is a remotely accessed service, the connection between provider and customer needs to be adequately protected against all known security risks. In order to ensure this, an open and clear specification of all standards, technologies and security protocols adopted by the cloud provider is required. In this presentation, we will review current issues concerned with security threats to cloud computing and present a solution based on our unique patented compression-encryption method. The method provides highly efficient data compression where a unique symmetric key is generated as part of the compression process and is dependent on the characteristics of the data. Without the key, the data cannot be decompressed. We focus on threat prevention by cryptography that, if properly implemented, is virtually impossible to break directly. Our security by design is based on two principles: first, defence in depth, where our proposed design is such that more than one subsystem needs to be violated to get both the data and their key. Second, the principle of least privilege, where the attacker may gain access to only part of a system. The presentation will highlight the benefits of the solution that include performance, less bandwidth requirements, faster data transmission and response times, less storage space, and less energy consumption among others. Data protection and privacy legislations are not similar across the globe. Our solution addresses security and privacy issues to the highest standards, addressing concerns when cloud computing platforms are located in servers either inside or outside the European Union.
More Information
Statistics
Downloads
Downloads per month over past year
Share
Actions (login required)
View Item |