Securing Cloud: Elastic Key Management and Homomorphic Encryption

Abstract

Businesses choosing cloud based infrastructures for all of their IT needs enjoy business agility, technical flexibility and lower IT costs – but face a security dilemma of how to use the cloud securely.This dilemma is fostered by conventional wisdom which stipulates, that in order to achieve data protection and compliance in cloud, organizations must use hardware security mechanisms and dedicated servers. We will explain why such traditional modes of hardware based security and physical controls of servers are becoming much less relevant for the dynamic cloud ecosystem.We will discuss the concepts of “Software defined Security” as it relates to the cloud context and the capabilities of cryptographic data protection solutions for the cloud that require no hardware. We will discuss the potential uses and benefits of Elastic Key Management & Homomorphic Encryption, an emerging mathematical technique which holds great promise for cloud security. By focusing on the specific problem of Key Management, we will show it is possible today to design high performance, software only security solutions that use Partially Homomorphic Encryption to protect encryption keys.