Data Encryption in the Cloud
With cloud services (better called “utility computing services”) proliferating like crazy, the security of an organization’s data stored in the cloud is starting to become a very serious issue. Suppose that an organization has decided to contract with a cloud service provider (CSP) for Infrastructure as a Service (IaaS) storage services. Although the organization may assume that the CSP will adequately safeguard the stored data, in reality the opposite is likely to be true. Why? Encryption of data stored in the cloud is not a trivial issue in that it precludes being able to conduct operations that are normally done in connection with data storage–searching and indexing. Without the ability to do both, data storage becomes downright inefficient. So unless provisions in a service level agreement (SLA) or statement of work (SOW) explicitly state that encryption will be provided for all data stored by the CSP, data are likely to be stored in cleartext.
It is an understatement to say that cleartext data comprise a very serious problem. They are ripe for intruder theft and identity theft attempts. Additionally, they may cause an organization to be out of compliance with regulatory standards such as the PCI-DSS standard, which requires that credit card data be neither stored nor transmitted in the clear. Consider, too, the state of Nevada, which approximately two years ago passed a law requiring businesses that electronically transfer customers’ personal data to a location outside of their shelter of their own secure systems to encrypt these data. Included in the scope of Nevada’s law are Social Security numbers, bank account numbers and PINs, driver’s license numbers, and credit and debit card numbers.
But there is yet another complication in connection with encryption of data stored in the cloud–how can data stored in this manner be processed if they are encrypted? They can be decrypted, processed, and then re-encrypted, but if so, they are subject to compromise while they are not encrypted. Fortunately, there is a very promising potential solution–homomorphic encryption. In this form of encryption one operation can be performed on the plaintext version of a set of data and the same or a different operation can be performed on the encrypted version. Consequently, an application into which this type of encryption has been incorporated can perform a wide range of processing operations on encrypted data in a surprisingly efficient manner.
Understanding homomorphic encryption is not for the lighthearted. Craig Gentry of IBM, one of the leading researchers in this area, has developed a homomorphic scheme based on evaluating circuits of an arbitrary depth. His method starts with a “somewhat” homomorphic encryption scheme as applied to “ideal lattices” (you remember the lattice model of access control from the CISSP exam, right?) used to evaluate “low-degree polynomials” that transform encrypted data. Fortunately, not everyone believes that homomorphic encryption has to be as complex as Gentry’s scheme. Some researchers, for example, think that “ideal lattices” are not necessary at all. Regardless of the particular schemes and models, it appears that homomorphic encryption will in just a few years provide a very practical way to process encrypted data, regardless of whether they are stored in the cloud.
Oh, by the way, even if homomorphic encryption becomes a modus operandi in cloud computing, there is still a major hurdle–key management by CSPs. Face it–those of us who have encryption in our own systems and networks do not do very well when it comes to key management, so how well can we expect cloud providers to manage keys they use to encrypt our data? But that is yet another can of worms with which the cloud security community will have to deal.