Internet-based cloud computing has evolved to store, manage, share and analyze the massive amounts of complex data required to do such things as help safeguard the nation, improve the quality of healthcare and assist in the exploration of alternative energy sources.
In cloud computing, shared resources, software and information are provided to computers and other devices on demand, like the electricity grid.
Right now, however, secure cloud computing is in its infancy.
The major security challenge with clouds is that the owner of the data may not have control of where the data is stored, since exploiting the benefits of cloud computing means also using the resource allocation and scheduling mechanisms that clouds provide, according to Bhavani Thuraisingham, a scientist at the University of Texas — Dallas, who is studying cloud-computing security issues and solutions.
“Therefore, we need to safeguard this critical data in the midst of untrusted processes,” she said.
Among other things, data security in cloud computing involves data encryption as well as ensuring that appropriate policies are enforced for data-sharing. Also, resource allocation and memory management algorithms must be secure.
There are also homeland security considerations.
One is the need to process enormous amounts of information about potential terrorists and terrorist acts, as well as information about critical infrastructure. This sensitive data may be stored in clouds scattered across multiple sites. Thuraisingham said proper tools to effectively store, query and analyze this data, while preventing it from falling into the wrong hands, do not yet exist.
It has been argued that clouds should not be developed to store sensitive information.
“But, in that case, we lose all computational advantages that clouds provide,” Thuraisingham said.
Instead, Thuraisingham and colleagues, with funding from the U.S. Air Force Office of Scientific Research, has defined a layered framework for secure cloud computing. This includes inserting new security code directly into software applications to monitor and prevent intrusions. Her team has also provided additional security by encrypting sensitive data that is not retrievable in its original form without accessing encryption keys.
They are also using a technique called a Chinese Wall, which is a set of policies that give access to information based on previously viewed data.
Thuraisingham told Homeland1 that whether we like it or not, cloud computing is here to stay and that there are no boundaries with respect to clouds.
“With globalization and outsourcing, sensitive data may reside in machines in partner countries who may not be entirely trustworthy,” she said. “Therefore, it is absolutely essential that we protect sensitive data in clouds.”