What is security? Able to resist all kinds of attacks. Talk about security must talk about attack. Cryptographic algorithm security analysis that is to decipher the password, modern password analysis is to find the key.
Security protocols are also based on attacks, which include intermediaries and collusion attacks. Network security design is also based on attack assumptions, such as phishing attacks on more common bank sites. System security also needs to be considered for a variety of attacks, to look for vulnerabilities, vulnerabilities and attacks like the relationship between chickens and eggs. So research security also starts with attacking.
Therefore, an attack is the only criterion for verifying security. In the cloud security in terms of cloud attacks, leaving the attack to talk about security can not be implemented. However, cloud attacks are relatively small, because cloud security is a very broad concept, in the initial stage, no one really fully understand the cloud computing, future applications involved in a lot of things.
Cloud application is a key issue, security needs in the application can be reflected, when the application environment is determined, to determine the security solution, otherwise just on paper. Moreover, security is not guaranteed to be 100%. In terms of pure computing and network mode, cloud computing is a new wine in old bottles, but it has new applications under special architectures.
In terms of cryptography, there are four topics for cloud computing security.
First, cloud computing is a remote information processing and storage, but for the sake of security, the information data stored on the cloud to be encrypted. The best idea is that the data will be encrypted and placed on the cloud, the processing does not need to send all the data back to decrypt, you can directly in the cloud with ciphertext decryption processing, will be on the local computer work on the cloud can still be carried out, but currently can not be achieved. The research of this subject may take a lot of time to complete, and it is very difficult to realize the real application.
Second, the encryption of cloud data after the issue of authorization. Depending on the user's identity, level, special attributes, etc., the data is different, and therefore requires encryption based on the attribute. For each user, the decrypted p is divided into two parts, provided to the personal key, because the key can not be recalled and changed, partial decryption to prevent the disclosure of information.
Third, the sale of data goods with privacy protection. Some countries, particularly Europe, attach great importance to privacy issues. If you buy books on an online bookstore and you don't want booksellers to know about your purchases, booksellers encrypt all the digital books on the cloud, and the encryption process and the change in the order of encryption will help users achieve privacy-preserving functions.
Four, the protection of digital copyright. Mainly related to the control of data access, in the cloud environment, data copy, editing and other issues need to be further studied.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.