Wednesday, July 8, 2015

Homomorphic Encryption- The Future of Cloud Encryption?


With the use of cloud computing continuing to grow, researchers continue to look for better ways to secure information passed through cloud service providers and stored in the cloud. One IBM researcher, Craig Gentry, developed a way to do this by using homomorphic encryption based on lattice cryptography. Basically, homomorphic encryption enables a user to manipulate data without having to decrypt it first. This breakthrough would give providers the ability to access certain aspects of the data without having full disclosure from the organization, increasing security of the information and privacy within an organization.

This sounds great when reading about the potential to secure your information and not have to fully disclose or decrypt the message or data in order to work with it. The problem is that this method of encryption will increase the processing time drastically. “It takes many times longer to process data homomorphically while it is in the encryption box than it would to process the data in the clear” (Prince, 2009). This currently makes the use of homomorphic encryption impractical for business and everyday needs.
    
While his development is an amazing concept, it must be refined to produce computing results comparable to the ones used today for storing and managing data in the cloud. “This capability can remove barriers to practical applications that use data analysis, and improve the performance and accuracy for companies and individual users by being able to securely analyze data across company boundaries without the risk of data security breaches. But as it stands, this is a technology that’s still a ways off” (Chernicoff, 2015).

Since this development is still a ways off from implementation, organizations must rely on encrypting files before storing them in the cloud, ensuring all data is encrypted before transmission and stored away on a cloud-based encrypted server. When the organization wants to access it, they should have a username and password set up to gain access to the server or files, with all of this encryption being managed and maintained by the cloud service provider.

Overall, finding ways to properly secure an organization’s data is an ongoing task for the IT professional. Researchers continue to develop innovative ways to better facilitate this need, such as the development of homomorphic encryption. While it may not be readily available currently, through refinement it may be widely used in the future.

References:

Chernicoff, D. (2015). Will Homomorphic Encryption Change Big Data Forever? Retrieved from https://www.workintelligent.ly/information/2015-3-20-will-homomorphic-encryption-change-big-data-forever/.

Prince, B. (2009). IBM Discovers Encryption Scheme That Could Improve Cloud Security, Spam Filtering. Retrieved from http://www.eweek.com/c/a/Security/IBM-Uncovers-Encryption-Scheme-That-Could-Improve-Cloud-Security-Spam-Filtering-135413.

Friday, June 26, 2015

Barriers in Cloud Computing

Cloud computing is continuing to evolve over time and is becoming more prevalent in everyday business operations. Since it was introduced, it has involved organizations changing their infrastructure to support the new technology and services. This ranges from replacing legacy systems to updating and installing new platforms to support it. This change can cause the organization to encounter barriers or obstacles that can slow or halt this evolution in computing technology.

According to Simon Mitchell, there are five barriers to cloud adoption. They are the NIH (Not Invented Here) Syndrome, Loss of control, Data Security, Data Privacy, and Cost (Mitchell, 2014). All of these barriers can hinder operations and reduce efficiency in implementing cloud technology.

Looking at these barriers, the NIH syndrome occurs when organizations are reluctant to adopt a system or service that was not created or developed by them. This lack of ownership feeds into the second barrier, which is loss of control. Since they do not feel as if they have ownership, the IT staff may feel as if they are not in control of administering the service. The goal is to ensure the organization understands that they still control the service by operating and controlling features, but don’t necessarily have to worry about maintaining the hardware or system it originates from.

The next barriers would be data security and data privacy. The cloud raises concerns about the confidentiality and security of information loaded onto its server because there is so little known about its vulnerabilities. Organizations worry that if they use a cloud service they are putting their information at risk of compromise. It also raises the question of access. If the system is not located on site, who on the distant end has access to this stored information, and is it secure from data breaches?

The final barrier is cost. The organization tends to look at long-term cost. A traditional in-house server has a one-time cost and can be maintained for several years, whereas cloud computing has an initial startup cost and a yearly service fee. This can be concerning if the cost outweighs the benefit and can cause organizations to move away from adoption.

By removing these barriers, the organization can thrive and increase efficiency using modern technology, as illustrated by Larry Bonfante saying, “with an appropriate level of planning and architectural effort it can be a valuable tool for any CIO, allowing us to focus less of our time on the utility aspect of IT and more of our time on adding value to the company” (Bonfante, 2014).

Even though the cloud has shown it can be a useful tool, using cloud technology is not without its concerns. “Security remains a top concern when it comes to moving critical information to the cloud and keeping it safe” (Skok, 2014). This is because not every organization has a robust IT department with the infrastructure to adequately support securing their network. So as the cloud continues to evolve, it must incorporate ways to provide external security measures to readily support smaller organizations throughout. Once this occurs, it will reduce this hesitation and make this service more readily available.

Finally, cloud computing offers other areas of concern or barriers which were not included on this initial list of barriers. They are the complexity, reliability, network bandwidth, and interoperability concerns associated with its adoption and use. Since it requires Internet usage and is intertwined with business operations, some organizations are concerned with the availability of these resources. Most organizations need some assurance that the network will not be delayed, reducing efficiency, and that the information is available at all times.

Overall, the adoption of cloud computing can greatly enhance operations by providing off-site services to increase storage, capability, and application services, but it comes with associated barriers or concerns which can hinder or keep it from being implemented into everyday usage within the organization. To effectively reduce these barriers, the IT manager must assess the overall value, with a cost comparison, versus the given risk and see if it is manageable and negligible enough to benefit the organization as a whole.

References:

Bonfante, L. (2014). Three Flawed Issues About Cloud Computing. Retrieved from http://www.cioinsight.com/it-management/expert-voices/three-flawed-issues-about-cloud-computing.html.

Mitchell, S. (2014). Moving to a Cloud: Top 5 Barriers to Cloud Adoption – And How to Break Them Down. Retrieved from http://www.business2community.com/cloud-computing/moving-cloud-top-5-barriers-cloud-adoption-break-0987489.

Skok, M. (2014). Breaking Down the Barriers to Cloud Adoption. Retrieved from http://mjskok.com/news/news-breaking-down-barriers-to-cloud-adoption.

Friday, May 8, 2015

What are worms and how to protect your systems from them.

Worms are a form of malware that can infect many systems on a network by sending copies of themselves from one system to another until they infect every system. A common form of distribution is by attaching the worm to an email. Once the user opens the attachment, the worm installs itself on the system and spreads to other systems on the same network. The example below shows how Melissa, the worm, is sent as an attachment and then spreads to the rest of the systems on the network.

Since a worm is malware, the best protection against a worm attack starts with not letting the worm have access to the system. The first line of defense to protect your system is a network firewall configured to block external access to network services. You should also enable content filtering and use anti-virus programs to scan for known viruses and worms.

The next logical defense against a worm attack is security awareness training for users to teach them the signs of this known threat. This training should explain not to open unknown attachments, links or emails from untrusted sources. It should also include procedures for reporting symptoms of a worm infection on their systems to help with containment.

Finally, to protect against worms the systems administrator should ensure all systems and software are up to date with the newest security releases. These patches will help protect computers from newly discovered threats.

References:

GFI Software. (2013). Protecting your network against email threats: How to block email viruses and attacks. Retrieved from http://www.windowsecurity.com/whitepapers/anti_virus/Protecting_your_network_against_email_threats_How_to_block_email_viruses_and_attacks.html.

Veracode. (2014). Computer Worm. Retrieved from http://www.veracode.com/security/computer-worm.

Saturday, May 2, 2015

IPsec headers used with IPv4.

IPsec is designed to provide security functions for authentication and encryption for TCP/IP at the Internet layer. To better understand how IPsec works, you first have to understand the IPsec header and where it is located. When looking at IPv4, the header contains addressing and control fields, while the payload carries the actual data to be sent over the internet. A standard IP header is 20 bytes long. The complete IP header can be seen in the illustration below.

[Illustration: IP header (Friedl, 2005)]

To break down the IP header, we start at the top with the version (ver). This identifies the version of IP used, which is IPv4 for this example. It is used to ensure compatibility between devices running different versions of IP. It is 4 bits long and is followed by the Internet Header Length (hlen). The hlen specifies the length of the IP header in 32-bit words. This includes the length of any options fields and padding.

Next, there is the type of service (TOS) block. This field is designed to carry information to provide quality of service features, such as prioritized delivery, for IP datagrams. The packet length (pkt len) specifies the total length of the IP datagram in bytes. After the pkt len, there is the ID field. This field contains a 16-bit value that is common to each of the fragments belonging to a particular message.

Continuing on to the next block, you have the flags (flgs). The flags are used to manage fragmentation. They are followed by the fragment offset. This field specifies the offset, or position, in the overall message where the data in this fragment goes. This is followed by the time to live (TTL) block. This specifies how long the datagram is allowed to “live” on the network, in terms of router hops.

After the TTL, there is the protocol (proto) field. This identifies the protocol used for transport and encapsulation. The next field is the header checksum, which detects errors in transport to ensure the message is not corrupted. This is followed by the source IP address, destination IP address, and IP options to complete the full IP header.

When using IPsec, it is easier to understand how the IP header is used for authentication in transport mode. IPsec can be used for either authentication or encryption, but the IP header being transported is not an encryption protocol but a secure IP connection. As illustrated in the diagram below, when used for authentication, an Authentication Header (AH) is added to the IPv4 header for transport.

[Illustration: IPsec in AH mode (Friedl, 2005)]

When using ESP in transport mode, you are adding an Encapsulating Security Payload (ESP) to support encryption and optional authentication. This encrypted payload is constructed by encapsulating the datagram's payload: the Security Parameters Index and Sequence Number fields are added on one side of the payload, and an ESP trailer consisting of padding, the next header, and optional authentication data is added at the end. This can be seen in the illustration below.

[Illustration: IPsec in ESP mode (Friedl, 2005)]
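
The header layouts described above can be checked against real bytes. The following Python sketch is an added example, not code from the original post or from Friedl's guide: it decodes the IPv4 header fields in the order described and, when the protocol field is 51 (AH) or 50 (ESP), the cleartext fields of the IPsec header that follows. The sample packets, addresses and SPI values are constructed for illustration, and the AH field layout (next header, length, reserved, SPI, sequence number) follows RFC 4302.

```python
import ipaddress
import struct

PROTO_ESP, PROTO_AH = 50, 51  # IANA protocol numbers for ESP and AH


def checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (RFC 791)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4(packet: bytes) -> dict:
    """Decode the fixed 20-byte IPv4 header and any IPsec header after it."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte minimum IPv4 header")
    (ver_hlen, tos, pkt_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, hlen = ver_hlen >> 4, (ver_hlen & 0x0F) * 4  # hlen is in 32-bit words
    if version != 4 or hlen < 20 or len(packet) < hlen:
        raise ValueError("not a well-formed IPv4 header")
    info = {
        "version": version, "hlen": hlen, "tos": tos, "pkt_len": pkt_len,
        "id": ident, "flags": flags_frag >> 13, "frag_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "proto": proto,
        # Recomputing over a header whose checksum field is correct yields 0.
        "checksum_ok": checksum(packet[:hlen]) == 0,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
    }
    body = packet[hlen:]
    if proto == PROTO_AH and len(body) >= 12:
        next_hdr, ah_len, _rsvd, spi, seq = struct.unpack("!BBHII", body[:12])
        # The AH length field counts 32-bit words minus 2.
        info["ipsec"] = {"type": "AH", "next_header": next_hdr,
                         "length": (ah_len + 2) * 4, "spi": spi, "seq": seq}
    elif proto == PROTO_ESP and len(body) >= 8:
        spi, seq = struct.unpack("!II", body[:8])
        # ESP's next-header field sits in the encrypted trailer: not readable here.
        info["ipsec"] = {"type": "ESP", "spi": spi, "seq": seq}
    return info


def build_sample(proto: int, body: bytes) -> bytes:
    """Constructed test packet between two documentation addresses."""
    src = ipaddress.IPv4Address("192.0.2.10").packed
    dst = ipaddress.IPv4Address("198.51.100.20").packed
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0x1C46,
                      0x4000, 64, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + body


# Constructed AH header: next header 6 (TCP), 24 bytes long, then a zeroed ICV.
AH_BODY = struct.pack("!BBHII", 6, 4, 0, 0x1001, 7) + bytes(12)
AH_PACKET = build_sample(PROTO_AH, AH_BODY)
ESP_PACKET = build_sample(PROTO_ESP, struct.pack("!II", 0x2002, 1) + bytes(16))

if __name__ == "__main__":
    for pkt in (AH_PACKET, ESP_PACKET):
        print(parse_ipv4(pkt))
```

With AH the inner protocol stays visible to anyone on the path, while with ESP only the SPI and sequence number can be read without the key.
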
References:

Friedl, S. (2005). An Illustrated Guide to IPsec. Retrieved from http://www.unixwiz.net/techtips/iguide-ipsec.html#ip

Sunday, February 15, 2015

Small Business Cyberattacks continuing to pose a threat

Last month, cyber attacks aimed at small businesses were examined, and the most prevalent type of attack used was phishing emails. Small businesses have been targeted repeatedly, mainly because of the weaker security protocols they have in place. The attackers exploit these vulnerabilities to steal information and gain access to valuable business resources.

A recent example of these phishing attacks involved emails that posed as notices from the Better Business Bureau and claimed a customer had filed a complaint against the recipient, but the notes actually contained links to malware created with the Blackhole exploit kit. This type of email

These types of attacks are not new, but attackers are becoming more sophisticated in their method of delivery to disguise their intent. These emails are delivered with embedded URLs linking to sites aimed at stealing information. As common an occurrence as this is for attackers, it still proves to be effective.

To protect yourself from these attacks, it is best to educate employees on the types of attacks and update security to protect against malware infecting your system. To read more, go to:

http://www.inc.com/magazine/201312/john-brandon/hackers-target-small-business.html

http://www.ittechnewsdaily.com/254-small-business-cyber-attacks.html
 
http://www.aa.com/i18n/urls/phishingEmails.jsp?anchorLocation=DirectURL&title=phishing

Sunday, February 8, 2015

Anthem Data Breach- things to consider afterwards

Anthem, a health insurance company, alerted customers Wednesday that it suffered an attack that resulted in 80 million users' information being stolen. The stolen personal information includes residential addresses, birthdays, medical identification numbers, Social Security Numbers, email addresses and some income data belonging to both current and former customers and employees, including its own chief executive.

From a security standpoint, this is worrisome. The first area of concern is what vulnerabilities are present that could allow the compromise of 80 million users' information. It is estimated that the malicious hackers may have infiltrated Anthem’s networks by making use of a sophisticated malicious software program that gave them access to the login credentials of an Anthem employee, thereby breaching 80 million customers.

Next, email scams targeting affected customers have increased, almost immediately after the attack occurred. Anthem warned about the email scam in a statement saying that the emails appear to come from Anthem and ask recipients to click on the attached link in order to obtain credit monitoring. Do not click on such links and do not provide any information on any website, Anthem advised its customers.

Overall, this is the largest breach of personal information in recent times, and the way attackers are gaining access requires security personnel to be alert and proactive in identifying vulnerabilities before suffering a catastrophic attack. These prevention techniques may not eliminate the threat, but may provide ways to decrease the amount of data stolen.

To read more, go to:
http://thehackernews.com/2015/02/anthem-data-breach.html

Sunday, February 1, 2015

"MAGNET" new malware that uses social media tagging to spread rapidly

Malware Poses as Flash Update Infects more than 110,000 Facebook Users

Over the last two days, a malware program used to infect and steal data from social media users has infected over 110,000 users on Facebook, primarily those trying to access video links from the site. The reason is that it poses as a Flash update once you click on a link and then inserts a Trojan horse into the user's system to hijack the keyboard and mouse controls in order to facilitate stealing usernames, data, and passwords.

This new technique also enables the malware to keep a low profile while also displaying itself publicly on your profile, and this is the only reason the malware infected so many Facebook users in just two days. Another aspect is that the malware exposes which link you have clicked on to everyone, exposing inappropriate site selections. In the new technique, which is called 'Magnet,' the malware gets more visibility to potential victims by tagging the friends of the victim in the malicious post, infecting others rapidly. A tag may be seen by friends of the victim's friends as well, which leads to a larger number of potential victims. This will speed up the malware propagation.
 
Overall, this malware has not been publicly announced by Facebook, and it has the potential to expose data of users without their knowledge. The best defense is not to click on links to videos whose source you cannot confirm. Just because a friend's name is linked to a post or link doesn't make it factual or reliable.
 
To read more, go to:
 
 
 

Sunday, January 25, 2015

Google to add wireless services

So it was announced this week that Google will start to take on the role of mobile virtual network operator (MVNO) by purchasing bandwidth from Sprint and T-Mobile. This would allow Google to provide wireless services to users, as any other mobile service provider does. This project codenamed "Nova" has been in the works for about 18 months. This service is expected to be on the market later this year.

By implementing its own wireless services, Google will disrupt mobile data pricing plans and should drive down mobile data costs. They plan on doing this by using the ad-based model, which means ads appearing randomly on your page. Google also plans to integrate their Google Wallet service into this platform, to try to boost its use and functionality.

This raises security and privacy concerns for some. With Google now tapping into network data, along with the data collected from Internet usage, they will be able to target specific audiences for services. Currently, though, the E-commerce requires that the data collected from network services remain separate.

Overall, Google is looking to provide lower cost data plans to effectively target consumers who would enjoy their services and offerings. The extent of how they plan on implementing and protecting data will be seen over time from implementation. They have the ability to cause a shift in mobile data pricing and plans but time will determine if they are successful at it.

To read more, go to:
http://www.ecommercetimes.com/story/81633.html

Sunday, January 18, 2015

Internet of Everything

This week in my studies, I have learned extensively about the concept known as the Internet of Everything (IoE). This is not a new term to me, but since I have been studying Cisco routers and switches extensively it was reiterated and explained in more detail. This concept was developed by Cisco and is a $4.6 trillion opportunity for global public-sector organizations over the next decade, as a result of cost savings, increased productivity, new revenues and enhanced citizen experiences.

Exactly what is this concept known as IoE? It is a networked connection between people, processes, data, and things. Basically, the IoE will connect everything in the world to help reduce cost, increase productivity, and enhance benefits of technology use. Overall, everything used will be interconnected through the Internet.

One example would be a smart building designed so that devices within it, such as lights, machines, workstations, and even refrigerators, are interconnected. This expansion also affects households by interconnecting stoves, cars, phones, and computers. By 2022 this concept should be enabled and every device should be a "smart" device.

Overall, this will require a large number of IT professionals to sustain this concept. The average household user may not be technically sound on how to troubleshoot or fix errors when these interconnected devices fail. The future seems to hold advancements that require these essential functions, if this Cisco theory becomes reality.

To learn more, go to:

Cisco. (2014). Internet of Everything. Retrieved from http://internetofeverything.cisco.com/