Cloud computing aims at flexible and scalable infrastructures using virtualized resources. Although virtualization and outsourcing improve efficiency and flexibility, they also introduce new threats.
“Cryptography is only as good as the keys used.”
—Elli Androulaki, IBM scientist
We mitigate these threats by means of new security technologies to protect virtual environments. Moreover, we are designing novel mechanisms that provide protection levels beyond those of today’s non-virtualized systems.
Whereas providers employ traditional security measures, clients of cloud services can use cryptography to provide additional protection to their data. Data encryption and integrity protection methods give clients some degree of control over their data, but crucial aspects must still be addressed:
- Cryptography is only as good as the keys used. Hence one needs good solutions for key management.
- As encrypting data prevents data from being processed in the cloud, additional sophisticated cryptographic schemes are needed to enable limited processing.
With its strong background in cryptography and system security, our team has made key contributions to research, products and standards in the domain of cloud and data security.