Abstract
The security risks of cloud computing include loss of control over data and programs stored in the cloud, spying out these data and unnoticed changing of user software by the cloud provider, malware intrusion into the server, eavesdropping during data transmission as well as sabotage by attackers able to fake authorised users. It will be shown here how these security risks can effectively be coped with. Only for preventing the cloud provider from wrong-doing no technical solution is available. The intrusion of malware into cloud servers and its malicious effects can be rendered impossible by hardware-supported architectural features. Eavesdropping and gaining unauthorised access to clouds can be prevented by information-theoretically secure data encryption with one-time keys. A cryptosystem is presented, which does not only work with one-time keys, but allows any plaintext to be encrypted by a randomly selected element out of a large set of possible ciphertexts. By obliterating the boundaries between data items encrypted together, this system removes another toehold for cryptanalysis.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
References
Fahrnberger, G.: SecureString 2.0 – A Cryptosystem for Computing on Encrypted Character Strings in Clouds. In: Eichler, G., Gumzej, R. (eds.) Networked Information Systems. Fortschr.-Ber. 10, 826, pp. 226–240. VDI Verlag, Düsseldorf (2013)
Halang, W.A., Witte, M.: A Virus-Resistent Network Interface. In: Górski, J. (ed.) SAFECOMP 1993, pp. 349–357. Springer, Heidelberg (1993)
Halang, W.A., Fitz, R.: Speichersegmentierung in Datenverarbeitungsanlagen zum Schutz vor unbefugtem Eindringen. German patent application DE 100 31 212 A1 (2000)
Halang, W.A., Fitz, R.: Kontextsensitive Speicherzuordnung in Datenverarbeitungsanlagen zum Schutz vor unbefugtem Ausspähen und Manipulieren von Daten. German patent application DE 100 31 209 A1 (2000)
Halang, W.A., Fitz, R.: Gerätetechnische Schreibschutzkopplung zum Schutz digitaler Datenverarbeitungsanlagen vor Eindringlingen während der Installationsphase von Programmen. German patent 10051941 since 20 October (2000)
Halang, W.A., Fitz, R.: Offenbarendes Verfahren zur Überwachung ausführbarer oder interpretierbarer Daten in digitalen Datenverarbeitungsanlagen mittels gerätetechnischer Einrichtungen. German patent application DE 100 55 118 A1 (2000)
Halang, W.A., Komkhao, M., Sodsee, S.: A Stream Cipher Obliterating Data Element Boundaries. Thai Patent Registration (2014)
Kerckhoffs, A.: La cryptographie militaire. Journal des Sciences Militaires. 9. Serie (1883)
Li, P.: Spatiotemporal Chaos-based Multimedia Cryptosystems. Fortschr.-Ber. 10, 777. VDI-Verlag, Düsseldorf (2007)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)
Rannenberg, K., Pfitzmann, A., Müller, G.: Sicherheit, insbesondere mehrseitige IT-Sicherheit. In: Mehrseitige Sicherheit in der Kommunikationstechnik, pp. 21–29. Addison-Wesley, Bonn (1997)
Shannon, C.E.: Communication Theory of Secrecy Systems. Bell System Technical Journal 28, 656–715 (1949)
Spruthm, W.G., Rosenstiel, W.: Revitalisierung der akademischen Großrechnerausbildung. Informatik Spektrum 34(3), 295–303 (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Halang, W.A., Komkhao, M., Sodsee, S. (2014). Secure Cloud Computing. In: Boonkrong, S., Unger, H., Meesad, P. (eds) Recent Advances in Information and Communication Technology. Advances in Intelligent Systems and Computing, vol 265. Springer, Cham. https://doi.org/10.1007/978-3-319-06538-0_30
Download citation
DOI: https://doi.org/10.1007/978-3-319-06538-0_30
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-06537-3
Online ISBN: 978-3-319-06538-0
eBook Packages: EngineeringEngineering (R0)