Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

In most of this chapter, we assumed that cryptography was being used to protect

ID: 3875373 • Letter: I

Question

In most of this chapter, we assumed that cryptography was being used to protect data in a communication scenario. However, cryptography can also be used to protect stored data. Which of the issues that we discussed in this chapter are exactly the same regardless of whether cryptography is being used to protect transmitted data or stored data, and which of these are subtly different? (You might like to consider who the likely players are in the basic model of a cryptosystem being used to protect stored data, which security questions they might ask, etc.)

Explanation / Answer

Ans:

Security Attacks and Cryptography Solutions for Data Stored in Public Cloud Storage

Cloud computing dominates the IT industry in recent years. It provides many advantages to the enterprises those who are not having enough computing infrastructure for computing business. Computational resources are provided in virtualized manner. Multiple datacentres are run for storing and maintaining the users’ data. This multiple datacentres are situated in different geographical location in the world. Users’ data are stored in the datacentres of cloud and controlled and monitored by cloud service providers. User s don’t have any control or rights on their data stored in the cloud not even know the location of the data in cloud. This nature of cloud makes many security related issues on the data stored in the cloud. The big problem in cloud is security of data in the cloud. Cloud data are attacked by insiders as well as outsiders in different ways. the different types of attacks on cloud data and also presents what are cryptography solutions are available to protect the data from the different attacks. Security is addressed by different parameters like authentication, authorization, confidentiality and integrity. Among this, ensuring confidentiality protects the data in cloud storage.

TYPES OFATTACKS IN CLOUD COMPUTING

Ciphertext - Only Attack In this type of attack, the cryptanalyst has the ciphertext of several messages and they have been encrypted using the same encryption algorithm. The job of cryptanalyst is to recover the plaintext as possible or could deduce the key(s) which is used to encrypt and decrypt the message.

Chosen - Plaintext Attack

In this type, the cryptanalyst has access not only to ciphertext and associated plaintext for several data but also

chooses the specific plaintext blocks to encrypt which yield more information about the key. Cryptanalyst jo b is to deduce the key(s) used to encrypt the messages or an algorithm to decrypt any new message encrypted with the same key(s).

Chosen - Ciphertext Attack

In this attack, the cryptanalyst knows different ciphertexts to be decrypted and has access to the decrypted plaintext. Cryptanalyst’s job is to deduce the key.

Meet - in - the - middle attack

It is another type of known plaintext. The Meet - in - the middle attacker uses two different keys to encrypt the

plaintext with a different combination of keys and decrypt the ciphertext with another set of keys to get the necessary key to get the original message.

Pre - computation attack

The crypto attacker makes a list of possible keys and compiles a look up table in order to decrypt the ciphertext.

One of the values in the look up table cracks the encrypted message. It is another class of dictionary attack.

Denial of service

In cloud computing, hacker attack on the server by sending thousands of requests to the server that server is

unable to respond to the regular clients in this way server will not work properly. Counter measure for this attack is to reduce the privileges of the user that connected to a server. This will help to reduce the DOS attack.

SQL Injection Attack

SQL injection attacks are the attacks where a hackers uses the special characters to return the data for example in SQL scripting the query end up with where clause that may be modified by adding more information in it.

SECURITY ISSUES AND SOLUTIONS

Security risks are the biggest concerns when users want to apply outsourcing computing in cloud storage. There are various security problems involved in the cloud computing.They are data security, network security, data locality, data integrity, data segregation, data access, authentication and authorization, availability, backup, identity management and sign - on process, etc. Especially, among these security issues, confidentiality is the most important parameter to secure the data in cloud. Confidentiality for cloud storage ensures that the cloud providers do not learn any information about the users’ data.

The main concern around data storage is the protection of information from unauthorized access. In several usage

scenarios, the risk of data being disclosed, lost, corrupted or stolen is unacceptable. Until data are stored on resources owned, controlled and maintained by the data owners, the possibility of unauthorized access is reduced by any physical countermeasure or trust in authentication and authorization mechanism. Things radically change when moving from resources fully controlled by the data owner to resources administrated by third party entity like public clouds.

Resources that remain outside the users’ domain are not owned and controlled by the users. The risk that someone (an employee of the CSP) can access and disclose or corrupt data is considerable. This risk is usually known as insider abuse or insider threat or insider attack. Confidentiality of data in the cloud is to be ensured

the dat a protection from insider attack. This is the major risk that, presently, is preventing the large adoption of cloud based solutions by the enterprises. Before companies move their data to the cloud, benefitting from the cloud storage advantages, all issues deriving from storing data on un - owned and un-trusted resources must be addressed by the legal security frameworks. To protect data in cloud storage, currently a standard approach is to apply cryptographic techniques into users’ data. Cryptographic techniques have been widely used in the area of cloud storage, and it plays an important role in the data security. In the cloud environment, security attacks are protected by using cryptographic techniques. In cryptography, the message which is to be kept secret is called plaintext. The process of hiding its content is called encryption and the encrypted message is called ciphertext. The process of receiving the content of plaintext from the ciphertext is called decryption. A cryptographic algorithm or cipher is a mathematical function used in the encryption and decryption processes. A modern cryptographic algorithm always includes a key. Cryptographic algorithms, plaintexts, ciphertexts , and keys are collectively called cryptosystem. It works with comb ination of keys and algorithm to encrypt the plaintext and to decrypt the ciphertext.

.

Related Questions

In mid-December, a bank Treasurer projects that loan demand will require a S10 m
Question #2717618
In mid-September, 2015 S&P 500 lowered the credit rating of We$ellDrugs, Inc (W$
Question #2774063
In mid-nineteenth century England horses were often used to pull barges along ca
Question #2185765
In military time, hours are numbered from 00 to 23. Under this system, midnight
Question #3876530
In milk pasteurization, when the raw milk is pasteurized at 63 o C, 30 min will
Question #65444
In mips assembly Count= 0; For(i=0; I<1000; i ++) { If(A[i]<100) { Count++; } }
Question #3826683
In mitochondria, exergonic redox reactions are coupled via phosphorylated interm
Question #318188
In model 2, the probability plot of the residuals looks like this: What should w
Question #3156906
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
In most of the circuit problems we have done in this class, we have used a batte
Next
In most organisms, all of the glycolytic reactions occur in the cytosol. However

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.