3. message Possible attack in every hop;interruption, interception, modification, fabrication message
4. Confidentiality Access to data must be protected from unauthorized entity Cloud computing susceptibe to Interception Data archived in unknown places Traffic analysis leading to business intelligence
5. Confidentiality (cont.) Protected by cryptography End-to-end encryption Encrypted pipe (difficult in cloud because we don’t have control over pipes) Does not work if cloud needs data to process. How to distribute keys? Granular encryption?
7. zrffntr = message zrffntr = message process? Message encryptedat the origin and decryptedin the receiving end. But, what if cloud needs data to process? Data must be decrypted in cloud. zrffntr
8. Integrity Data must not be changed, modified, tampered by unauthorized entity Must protect data byby digital signature, message authenticated code (MAC), hashing function Attached as part of message(s) Granularity?
10. Availability Make sure that data is available when needed Possible attack Interruption, Denial of Service (DoS) Best effort is not good enough. Quality of Service (QoS) must be guaranteed
12. Concluding Remarks Security is still an issue for cloud computing If cloud computing is cheaper, then people will use it (regardless of security problems) Solutions (perhaps not elegant) are available The devils are in details