Encryption in Cloud Computing: Ensuring Data Security

By: Rishitha Chokkappagari, Department of Computer Science & Engineering, student of Computer Science & Engineering, Madanapalle Institute of Technology & Science, Angallu (517325), Andhra Pradesh. chokkappagaririshitha@gmail.com

Abstract

In the modern world of Web 2.0, cloud computing is one of the most important means of storing and processing information, providing virtually unlimited scalability, versatility, and availability. The growing use of cloud-based services, however, brings numerous concerns over data security and privacy. Cloud computing uses encryption to address these concerns, maintain the privacy of data, and prevent break-ins. Encryption is the process by which clear-text messages are transformed into an unreadable form by an algorithm known as a cipher, so that only someone who possesses the cipher key can decode them. In cloud computing, encryption can be applied at multiple stages: to data being communicated (encryption in transit), and to data saved on cloud servers and in applications and processes (encryption at rest). Each type of encryption responds to particular threats, and together they strengthen the protection of cloud environments. Encryption in cloud computing uses both symmetric and asymmetric methods. Symmetric encryption uses only one key for the entire process, which makes it simple to implement, well suited to large volumes of data, and fast. Asymmetric encryption uses a public key together with a private key and is very secure, particularly for data communication and key exchange. Combining these methods strengthens the overall security environment and reduces exposure to data leakage, unauthorized access, and cyber threats.

AES and PKI significantly strengthen the cloud security framework through the encryption of data and the management of digital keys. AES is used for its efficiency and reliability in encrypting data that needs special protection, while PKI helps to organize key management and to verify the identity of users. Combining encryption with other measures, such as MFA and IDS, adds further layers of protection against potential threats.

Keywords: Cloud computing, storage, security, Encryption

Introduction

In the current era of advanced computing technologies, cloud computing has greatly improved how data is stored and processed. With advanced cloud services, businesses and end users can store and process practically limitless amounts of information from any geographic location, on multiple types of devices, at any time. These changes have greatly improved operational efficiency, cooperation and structural flexibility. But developments of this kind are accompanied by security issues. Threats are a constant challenge for organizations, government agencies, and people in everyday life, and they may lead to severe consequences. In cloud computing, one of the most important challenges is securing the authenticity, confidentiality, and accessibility of data[1]. Data transmitted across numerous networks, as well as data stored on offsite servers, is at high risk of being intercepted. To minimise these risks, encryption is the only tool that is believed to offer effective protection of data hosted in the cloud. Encryption converts text into a form that no one can understand or decrypt without the decryption key. This guarantees that even if somebody gains access to the data, it is unreadable to them. Various hybrid encryption algorithms are used to detect threats and maintain data security[2].

There are several complex methods and approaches to applying encryption in cloud computing. These include encrypting data at rest, such as data stored in the cloud, and encrypting data in motion, meaning data in transit from user to service and vice versa. Further, end-to-end encryption means that data stays secured from the point of generation, through transmission, to its final destination. Encryption for cloud computing is also not one-size-fits-all. It presupposes extensive knowledge of cryptographic methods, keys, and the particular requirements of the data being secured. The selection of algorithms, the storage and control of keys, and the integration of encryption procedures with cloud services are the significant factors that determine the effectiveness of the security measures.

The Importance of Cloud Encryption

Encryption converts information that a person can easily comprehend into information that can hardly be comprehended, by means of specific algorithms and keys. This helps in the following way: if the data is intercepted or reaches the wrong people, it cannot be understood without the decryption key. In cloud computing, data is stored in computing facilities located on another network and is transmitted over insecure networks, so encryption offers an ideal safeguard against leakage of and unauthorized access to the data[3]. Figure 1 below shows the importance of encryption in cloud computing.

Figure 1: Importance of encryption in cloud computing

Types of Encryptions

Symmetric Encryption: This method uses the same key for both encryption and decryption. AES, the Advanced Encryption Standard, is a symmetric-key cipher currently used in media encryption; it has been through various tests and offers higher speed and stronger security. It is also frequently used to encrypt data stored in cloud environments.

Asymmetric Encryption: This method, also used for key exchange, utilizes two differently generated keys: one for encrypting the information and the other for decrypting it. RSA is one type of asymmetric encryption, applied to the transfer of protected information.

Hashing: Hash functions such as SHA-256 compute a fixed-length hash value from the data. Hashing does not itself encrypt the data, but it makes it possible to check whether the data has been altered. To increase security, encryption is usually employed alongside hashing techniques.

Encryption in Cloud Computing

In cloud environments, encryption is applied in several key areas, described below:

Figure 2: Encryption in cloud computing

  1. Data at Rest:

Data at rest is information stored on disks residing within cloud servers or data centres. Because data at rest is vulnerable to unauthorized access and breaches, encrypting it is considered the basic level of data protection. Here’s a detailed look at how it works:

     1. Encryption Algorithms: CSPs normally apply strong encryption to stored data. The Advanced Encryption Standard (AES), derived from the Rijndael family of block ciphers, is widely used because of its security and efficiency. AES can be used with 128-, 192-, or 256-bit keys, providing different levels of protection according to the type of data.
     2. Full-Disk Encryption: To enhance security, CSPs may use full-disk encryption (FDE), in which the entire disk drive holding the data is encrypted. This ensures that all data, permanent and transient, including temporary files and system files, is encrypted and protected[4].
     3. File-Level Encryption: Depending on the implementation, encryption can be applied at the file level, meaning that an individual file or set of files is encrypted. This is useful when the goal is to protect only certain items of highly sensitive data.
     4. Key Management: Encrypting data is inseparable from protecting the encryption keys. If an encryption key is compromised, the data is exposed to threats and breaches. The generation, storage and management of keys must therefore be secure. For big data, cloud providers may use hardware security modules (HSMs) to manage the encryption keys[5].
  2. Data in Transit:

Data on the internet travels from user to server or between servers, and it must be protected from theft along the way. Transport Layer Security (TLS): There is no single champion implementation for securing data in transit; the most used protocol is TLS. It establishes an encrypted connection between clients and servers. TLS ensures that information transferred over the internet is secure, so that other people cannot read or modify it.

     1. Secure Sockets Layer (SSL): While SSL is still used, it has been widely overshadowed by TLS because of the latter’s additional layers of security. Clients should note, however, that the term SSL is often used as a synonym for TLS.
     2. Virtual Private Networks (VPNs): VPNs can be used to establish a secure, encrypted connection between users and cloud services. They are very useful when data passes over public networks, because they encrypt the data to prevent leakage of sensitive information.

  3. Data Integrity:

In addition, integrity tools such as message authentication codes (MACs) and digital signatures make sure that data was not modified during transmission.
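
An added example (not from the original article) of why the page pairs hashing with keyed tools such as MACs: a bare SHA-256 digest sent with the data can be recomputed by whoever altered the data, while an HMAC-SHA256 tag cannot be produced without the shared key. The function names and the sample message are constructed for illustration.

```python
import hashlib
import hmac
import secrets

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes for SHA-256


def seal_hash(payload: bytes) -> bytes:
    """Unkeyed integrity value: SHA-256 digest followed by the payload."""
    return hashlib.sha256(payload).digest() + payload


def check_hash(blob: bytes) -> bool:
    digest, payload = blob[:TAG_LEN], blob[TAG_LEN:]
    return hmac.compare_digest(digest, hashlib.sha256(payload).digest())


def seal_mac(key: bytes, payload: bytes) -> bytes:
    """Keyed integrity value: HMAC-SHA256 tag followed by the payload."""
    return hmac.new(key, payload, hashlib.sha256).digest() + payload


def check_mac(key: bytes, blob: bytes) -> bool:
    if len(blob) < TAG_LEN:              # truncated message: no complete tag
        return False
    tag, payload = blob[:TAG_LEN], blob[TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)   # constant-time comparison


def compare_checks() -> dict:
    key = secrets.token_bytes(32)                         # shared by sender and receiver
    sent = b'{"invoice": 1042, "amount": "25.00"}'        # constructed sample message
    changed = b'{"invoice": 1042, "amount": "9925.00"}'   # the same message, altered
    hashed, macced = seal_hash(sent), seal_mac(key, sent)
    other_key_blob = seal_mac(secrets.token_bytes(32), changed)
    return {
        # Payload replaced, old integrity value left in place: both checks fail.
        "hash_detects_swapped_payload": not check_hash(hashed[:TAG_LEN] + changed),
        "mac_detects_swapped_payload": not check_mac(key, macced[:TAG_LEN] + changed),
        # A digest needs no secret, so one recomputed over altered data verifies.
        "hash_accepts_recomputed_digest": check_hash(seal_hash(changed)),
        # A tag made without the shared key is rejected by the receiver.
        "mac_rejects_tag_from_other_key": not check_mac(key, other_key_blob),
        "mac_accepts_untouched_message": check_mac(key, macced),
        "mac_rejects_truncated_message": not check_mac(key, macced[:10]),
    }


if __name__ == "__main__":
    for name, result in compare_checks().items():
        print(f"{name}: {result}")
```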

  4. Key Management:

Key management plays an even more significant role in protecting encrypted data. The process comprises creating, distributing, storing and rotating keys, especially encryption keys. Here’s a closer look:

     1. Key Management Services (KMS): To manage encryption keys, cloud providers offer a Key Management Service (KMS) in their cloud environments. KMS offers centralized control over custom keys, allowing users to generate, store, and rotate the keys. It can include features such as automatic key rotation and access control policies.
     2. Customer-Managed Keys: Some organizations prefer to retain the master encryption keys themselves so that they are in full control. In this case, they use their own solutions for key management while relying on the cloud provider’s infrastructure to host the data. This approach is more flexible, but it demands more care in key management and protection.
     3. Hardware Security Modules (HSMs): HSMs are physical appliances designed to generate, store and authenticate encryption keys. They offer high security by guaranteeing that the keys are stored in a place that cannot be accessed by unauthorized parties[6].
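
An added example (not from the original article) that ties the key-management points above to AES encryption of data at rest. It uses envelope encryption, a common pattern the article does not name: each object gets its own AES-256-GCM data key, and that key is wrapped by a master key which stays inside the key store and can be rotated. It assumes the third-party `cryptography` package; `KeyRing` is a hypothetical in-memory stand-in for a KMS or HSM, and all other names are illustrative.

```python
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM


class KeyRing:
    """In-memory stand-in for a KMS/HSM holding versioned master keys (KEKs)."""

    def __init__(self):
        self._keks = {}      # version -> 256-bit KEK; never handed to callers
        self.current = 0
        self.rotate()

    def rotate(self) -> int:
        self.current += 1
        self._keks[self.current] = AESGCM.generate_key(bit_length=256)
        return self.current

    def wrap(self, data_key: bytes) -> dict:
        nonce = os.urandom(12)   # 96-bit nonce, fresh for every wrap
        blob = AESGCM(self._keks[self.current]).encrypt(nonce, data_key, b"wrap")
        return {"kek_version": self.current, "nonce": nonce, "wrapped": blob}

    def unwrap(self, w: dict) -> bytes:
        kek = self._keks[w["kek_version"]]   # older versions stay readable
        return AESGCM(kek).decrypt(w["nonce"], w["wrapped"], b"wrap")


def encrypt_object(ring: KeyRing, object_id: bytes, plaintext: bytes) -> dict:
    data_key = AESGCM.generate_key(bit_length=256)   # one data key per object
    nonce = os.urandom(12)
    # The object id is authenticated as associated data, so a ciphertext
    # copied into another object's record no longer verifies.
    ct = AESGCM(data_key).encrypt(nonce, plaintext, object_id)
    return {"id": object_id, "nonce": nonce, "ciphertext": ct,
            "key": ring.wrap(data_key)}


def decrypt_object(ring: KeyRing, record: dict):
    """Return the plaintext, or None if key, ciphertext or id was altered."""
    try:
        data_key = ring.unwrap(record["key"])
        return AESGCM(data_key).decrypt(record["nonce"], record["ciphertext"], record["id"])
    except InvalidTag:
        return None


def rewrap(ring: KeyRing, record: dict) -> dict:
    """After rotation, re-wrap only the data key; the stored ciphertext is untouched."""
    return {**record, "key": ring.wrap(ring.unwrap(record["key"]))}
```

Rotating the master key therefore costs one small re-wrap per object rather than re-encrypting the stored data.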

Conclusion

Wherever data is stored, processed, and transmitted across large networks and different locations, encryption is indispensable for handling the problem of data security. Encryption methods help protect organizations’ information from unlawful access, attacks, and other cyber risks. Encryption protects data at rest, securing it while it is stored in the cloud, and equally protects it during transmission, where interception is another dimension of insecurity. The best encryption plans give organizations protected ways of storing and retrieving their data while meeting legal compliance standards. As the market for cloud computing expands and evolves, the need for data encryption also increases. Cloud security is a security model divided between the cloud service provider and the customer; in it, the customer has the primary role in protecting the data, and IM is one of the key components of the line of defence.

In conclusion, encryption serves as the central measure for protecting hosted data, and consequently the cloud computing environment, against the never-ceasing emergence of new cyber threats. In this way, organizations can transition to cloud solutions as needed without having to worry about the vulnerability of their data or about conformity with the policies that uphold the confidentiality and privacy of data amid today’s security threats.

References

  1. R. Arora and A. Parashar, “Secure User Data in Cloud Computing Using Encryption Algorithms,” Int. J. Eng. Res., vol. 3, no. 4, 2013.
  2. V. Goyal and C. Kant, “An Effective Hybrid Encryption Algorithm for Ensuring Cloud Data Security,” in Big Data Analytics, V. B. Aggarwal, V. Bhatnagar, and D. K. Mishra, Eds., Singapore: Springer, 2018, pp. 195–210. doi: 10.1007/978-981-10-6620-7_20.
  3. P. Brandão, “The Importance of Authentication and Encryption in Cloud Computing Framework Security,” Apr. 2018, doi: 10.11648/j.ijdst.20180401.11.
  4. M. Rahaman, F. Tabassum, V. Arya, and R. Bansal, “Secure and sustainable food processing supply chain framework based on Hyperledger Fabric technology,” Cyber Secur. Appl., vol. 2, p. 100045, Jan. 2024, doi: 10.1016/j.csa.2024.100045.
  5. F. Tabassum and M. Rahaman, “An Enhanced Multi-Factor Authentication and Key Agreement Protocol in Industrial Internet of Things,” 2024. Available: https://insights2techinfo.com/an-enhanced-multi-factor-authentication-and-key-agreement-protocol-in-industrial-internet-of-things/
  6. A. Albugmi, M. O. Alassafi, R. Walters, and G. Wills, “Data security in cloud computing,” in 2016 Fifth International Conference on Future Generation Communication Technologies (FGCT), Aug. 2016, pp. 55–59. doi: 10.1109/FGCT.2016.7605062.
  7. K. C. Li, B. B. Gupta, and D. P. Agrawal, Eds., Recent advances in security, privacy, and trust for internet of things (IoT) and cyber-physical systems (CPS), 2020.
  8. P. Chaudhary, B. B. Gupta, C. Choi, and K. T. Chui, “Xsspro: Xss attack detection proxy to defend social networking platforms,” in Computational Data and Social Networks: 9th International Conference, CSoNet 2020, Dallas, TX, USA, December 11–13, 2020, Proceedings 9, Springer International Publishing, 2020, pp. 411–422.

Cite As

Chokkappagari R. (2024) Encryption in Cloud Computing: Ensuring Data Security, Insights2Techinfo, pp.1
