Advertisement

Secure Cloud Computing

  • Wolfgang A. Halang
  • Maytiyanin Komkhao
  • Sunantha Sodsee
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 265)

Abstract

The security risks of cloud computing include loss of control over data and programs stored in the cloud, spying out these data and unnoticed changing of user software by the cloud provider, malware intrusion into the server, eavesdropping during data transmission as well as sabotage by attackers able to fake authorised users. It will be shown here how these security risks can effectively be coped with. Only for preventing the cloud provider from wrong-doing no technical solution is available. The intrusion of malware into cloud servers and its malicious effects can be rendered impossible by hardware-supported architectural features. Eavesdropping and gaining unauthorised access to clouds can be prevented by information-theoretically secure data encryption with one-time keys. A cryptosystem is presented, which does not only work with one-time keys, but allows any plaintext to be encrypted by a randomly selected element out of a large set of possible ciphertexts. By obliterating the boundaries between data items encrypted together, this system removes another toehold for cryptanalysis.

Keywords

Cloud computing malware prevention hardware-based security security by design eavesdropping unbreakable encryption 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Fahrnberger, G.: SecureString 2.0 – A Cryptosystem for Computing on Encrypted Character Strings in Clouds. In: Eichler, G., Gumzej, R. (eds.) Networked Information Systems. Fortschr.-Ber. 10, 826, pp. 226–240. VDI Verlag, Düsseldorf (2013)Google Scholar
  2. 2.
    Halang, W.A., Witte, M.: A Virus-Resistent Network Interface. In: Górski, J. (ed.) SAFECOMP 1993, pp. 349–357. Springer, Heidelberg (1993)Google Scholar
  3. 3.
    Halang, W.A., Fitz, R.: Speichersegmentierung in Datenverarbeitungsanlagen zum Schutz vor unbefugtem Eindringen. German patent application DE 100 31 212 A1 (2000)Google Scholar
  4. 4.
    Halang, W.A., Fitz, R.: Kontextsensitive Speicherzuordnung in Datenverarbeitungsanlagen zum Schutz vor unbefugtem Ausspähen und Manipulieren von Daten. German patent application DE 100 31 209 A1 (2000)Google Scholar
  5. 5.
    Halang, W.A., Fitz, R.: Gerätetechnische Schreibschutzkopplung zum Schutz digitaler Datenverarbeitungsanlagen vor Eindringlingen während der Installationsphase von Programmen. German patent 10051941 since 20 October (2000)Google Scholar
  6. 6.
    Halang, W.A., Fitz, R.: Offenbarendes Verfahren zur Überwachung ausführbarer oder interpretierbarer Daten in digitalen Datenverarbeitungsanlagen mittels gerätetechnischer Einrichtungen. German patent application DE 100 55 118 A1 (2000)Google Scholar
  7. 7.
    Halang, W.A., Komkhao, M., Sodsee, S.: A Stream Cipher Obliterating Data Element Boundaries. Thai Patent Registration (2014)Google Scholar
  8. 8.
    Kerckhoffs, A.: La cryptographie militaire. Journal des Sciences Militaires. 9. Serie (1883)Google Scholar
  9. 9.
    Li, P.: Spatiotemporal Chaos-based Multimedia Cryptosystems. Fortschr.-Ber. 10, 777. VDI-Verlag, Düsseldorf (2007)Google Scholar
  10. 10.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)zbMATHGoogle Scholar
  11. 11.
    Rannenberg, K., Pfitzmann, A., Müller, G.: Sicherheit, insbesondere mehrseitige IT-Sicherheit. In: Mehrseitige Sicherheit in der Kommunikationstechnik, pp. 21–29. Addison-Wesley, Bonn (1997)Google Scholar
  12. 12.
    Shannon, C.E.: Communication Theory of Secrecy Systems. Bell System Technical Journal 28, 656–715 (1949)MathSciNetCrossRefGoogle Scholar
  13. 13.
    Spruthm, W.G., Rosenstiel, W.: Revitalisierung der akademischen Großrechnerausbildung. Informatik Spektrum 34(3), 295–303 (2011)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Wolfgang A. Halang
    • 1
  • Maytiyanin Komkhao
    • 2
  • Sunantha Sodsee
    • 3
  1. 1.Chair of Computer EngineeringFernuniversität in HagenHagenGermany
  2. 2.Faculty of Science and TechnologyRajamangala University of Technology Phra NakhonBangkokThailand
  3. 3.Faculty of Information TechnologyKing Mongkut’s University of Technology North BangkokBangkokThailand

Personalised recommendations