Journal of Information and Telecommunication (Jan 2020)
Securing personal data in public cloud
Abstract
More and more data are being stored in various cloud storages and they make it impossible to personally take care of data security, since most of these service providers do not offer any options for users to set up trusted encryption. We offer two types of solution to protect data, a client-side encryption and a security middleware. OpenWebCrypt is a browser extension designed to secure private data so it does not leave the client browser. Our security middleware, CrypStore PI offers a flexible solution to encrypt all the data that leaves the trusted LAN. By doing so, both guarantee that neither an attacker on the untrusted channel, nor the third-party external service provider has access to those. Furthermore, by separating the keys and the encryption itself from the user machines to dedicated hardware, CrypStore PI also improves the level of protection. Our goal is to offer easy to use, configurable and affordable solutions for personal users or small enterprises who would like to take responsibility for the protection of their data stored in public clouds. Because of the limited resources, we analysed the performance of today's most used symmetric key encryption algorithms to be able to recommend the best choice.
Keywords
