SECURING CLOUD SERVICES AND ROUTING PROTOCOLS USING HOMOMORPHIC ENCRYPTION

SECURING CLOUD SERVICES AND ROUTING PROTOCOLS USING HOMOMORPHIC ENCRYPTION

Problem Statement

Cloud computing is a concept, which is effective and diverse. Today, almost all e-commerce businesses, and especially the big giants like Amazon.com, Inc. and Alibaba Group, employ cloud storage to store large volumes of client-related information. However, data security in a cloud computing environment is often an issue of concern not only to online companies themselves but also to users. For example, a customer visits website and query about a product or a service then opts out of the webpage. However, after some duration, the client opens the site and notices ads on the specific products/services about which they inquired the last time. This kind of situation raises concerns as to whether a cloud computing environment can guarantee confidentiality, data security, authentication, privacy, and integrity to customers. According, e-commerce organizations, as well as their website, have to identify new approaches to protect private data better.

Indeed, various proposals have been in the past to try to solve data security challenges in the e-commerce sector. Among the proposed approaches to help enterprises address cloud security issues is the use of cloud encryption gateway –an encryption technology that acts as a proxy “entry” to a cloud application by swapping sensitive information with tokenized or encrypted values for storage and transmission in the cloud. However, most of the suggested methods result in additional security concerns by demanding the engagement of a third party.

Therefore, this study presents a new approach to solve the information security challenge in the e-commerce sector. In that regard, the critical question, which the research will answer is “how can e-commerce service providers protect their customers’ personal data? In particular, considering that former methods have proved unreliable in regards to protecting user data, a homomorphic encryption scheme is proposed to guarantee reliable and secure protection to user identity.

Introduction

The security breaches that are witnessed in modern e-commerce sector can be avoided by realizing a new technique in which data is first encrypted before it is organized, managed, and stored in the cloud. However, to implement such a method, the encryption algorithm needs to sustain algebraic operations over encoded information (Gahi, Guennoun, Guennoun and El-Khatib, 2015). Such an encryption system, also known as homomorphic encryption, will generate encrypted results by allowing computation on ciphertexts. Thus, when clients input information, the encrypted data can be decrypted outcomes. This study will design multiple circuits, which would enable blind management and processing of information to prevent access to critical data by malicious parties. Additionally, while the secure models that the research will come up with can readily be modified for applicability in different areas, a prototype will be provided to be used to study the robustness and performance of the constructed models.

Generally, homomorphic is the encryption of choice for e-commerce service providers to protect their customers’ personal data for various reasons. First, homomorphic encryption can be efficient for the protection of information and the development of applications that are capable of producing encrypted outputs by processing encrypted inputs. Indeed, the ability to decrypt the input is a remarkable advantage that a Fully Homomorphic Encryption (FHE) has. Moreover, the fact that enterprises can launch a higher standard of data security without breaking application functionality or business processes is another motivation to use homomorphic. For example, according to Byun (2019), organizations that use this cryptosystem can achieve data security while deriving intelligence from sensitive information. Homomorphic encryption’s use cases include aggregate analytics (privacy-preserving encryption), “lift and shift” to cloud (cloud workload protection), data supply chain consolidation that contains the information from which risk breach is to be mitigated, and automation and orchestration (Byun, 2019).

Figure 1: Design of a secure communication protocol

In many traditional e-commerce applications, companies delegated the data processing tasks to a third party, which is remotely located. However, with increasing security challenges associated with integrity, confidentiality, and availability, achieving a more secure Cloud Data Protection Platform continues to become a primary focus of e-commerce businesses (Rao, and Selvamani, 2015). Typically, challenges arise concerning industry compliance, privacy, data residency, and third party obligations in regards to the handling of sensitive information related to users. Rao and Selvamani (2015) not that corporate policies affect how sensitive data is managed including who has access to the data as well as the kinds of information that can be collected and stored. These elements generally dictate the degree to which the value of cloud computing can be realized in an enterprise. Accordingly, concerns about data security have attracted the attention of the research community. As a result, various methods have been suggested to provide secure communication protocols to guard against malicious users.

Currently, however, e-commerce firms are shifting to a type of encryption with which decrypting data by unauthorized persons is complicated. The technique, homomorphic encryption has proved valuable in helping to make the data more secure. With homomorphic, data does not need to be converted to plain text for operations to be performed (Tebaa, El Hajji, and El Ghazi, 2012). Instead, data remains in the encrypted format –no need for conversion making information highly secure.

 

 

 

 

 

 

 

 

 

References

Byun, H. (2019). The advantages and disadvantages of homomorphic encryption. Baffle. https://baffle.io/blog/the-advantages-and-disadvantages-of-homomorphic-encryption/

Gahi, Y., Guennoun, M., Guennoun, Z. and El-Khatib, K., 2015. On the use of homomorphic encryption to secure cloud computing, services, and routing protocols. arXiv preprint arXiv:1508.05411.

Rao, R.V. and Selvamani, K., 2015. Data security challenges and its solutions in cloud computing. Procedia Computer Science48, pp.204-209.

Tebaa, M., El Hajji, S. and El Ghazi, A., 2012, July. Homomorphic encryption applied to the cloud computing security. In Proceedings of the World Congress on Engineering (Vol. 1, No. 2012, pp. 4-6).