Encrypted Cloud Storage for Modern Business

Transcription

1 Encrypted Cloud Storage for Modern Business Martina Hupková Abstract Martin Baroš Cryptelo s.r.o. Dělnická 1324/9, Praha 7 Czech Republic This paper directly supplements the lecture Privacy in the Cloud, which demonstrates the ideal, or optimal cryptographic design and the possibilities of implementing it in relation to the issue of data protection in the cloud. The paper presents the application of selected data protection concepts in practice using the example of encrypted cloud storage for businesses, and the impact these concepts have on the user once implemented. We introduce the requirements for modern cloud storage, as they arise in the character, activities and structures of modern companies. The level of development in technology, society, thinking and communication is a factor reflected in the nature of business. Specifically, this takes into account the increasing mobility of people (employees) and knowledge, different forms of employment, globalization and internationalization. The central concern of this paper is the human factor the user, working with sensitive data, also poses a potential threat to the loss of such data whether purposeful or inadvertent. Where is the boundary between user-friendliness or easeof-use and the maximum possible data security in cloud encryption? The decision is based on an awareness of the need to protect corporate data and its realistic value. Is some data worth maximum protection such that the data cannot be accessed either by an attacker, the encrypted system creator, or at request of police and state security forces? We introduce an encrypted cloud, based on a combination of symmetric (AES-256) and asymmetric encryption (elliptic curves), in which it s impossible to backup data and loss of the data is a better choice for the owner than providing them to a third party.

2 After the introduction of this technical solution, the paper will conclude with a discussion concerning the repercussions of an absolutely anonymous private virtual space on a user's behaviour and responsibility in terms of legislation. Keywords: encryption, cloud, business data, security 1 Contemporary Business Challenges Since the beginning of the 21st century, with the development of modern technologies, data has started to be stored electronically. Written, numerical, and visual documents are created in a digital form. Original data in paper form has gradually been digitized. Companies now even store sensitive documents such as strategic corporate documents, schedules, contracts, project documentation and personal information digitally often existing in no other form. Data and information are at the heart of the competitive advantage in most industries. The loss of company data and know-how for a company then presents a significant business risk. Personal and corporate data is an invitation to increasingly inventive attackers. The integration of information and communication technologies into all spheres of life (professional and personal) increases the risk of the business world being compromised. The rapid and continuous development of information technology, knowledge and skills means that a normal password no longer presents significant obstacles for a targeted attack. For company owners, securing control over its know-how, strategic documents and sensitive corporate data has become the challenge for sustainable business at the dawn of the 3rd millennium. Going hand in hand with the dominance of data in digital form is the necessary change in the mode of data transmission. Already, 75% of small and medium-sized companies in the Czech Republic use cloud services [1]. In the business world, the objective is to ensure a channel that is efficient (fast, easy and flexible) and secure at the same time. In countries, where cloud services are the most widely used, there are major concerns concerning data security in the cloud [1]. Having an encryption method ensures data security by maintaining the confidentiality of its meaning and significance. The application of modern cryptographic principles provides absolute data security, however, due to its complexity, it is not suitable for normal everyday use in a company. In order to meet the needs of corporations, it is necessary to build new systems that share and transmit data securely from the ground up, rather than bringing secure superstructure or various other methods of encryption to existing products. As the

3 world increasingly goes virtual, secure data and communication will only become more and more significant [2]. One example of an encrypted corporate communications system embedded from the ground up is Cryptelo. Using it as a model, we will demonstrate the main concepts that modern protection methods should meet so as to secure a company s digital data. Cryptelo solves the problem of ensuring the maximum possible security of digital data transfers by using modern cryptographic principles, while maintaining a user-friendly solution that is suitable for everyday business use. 2 Digital Data in Firms Digital data is currently, and for the foreseeable future, the only appropriate way of storing large data files with the prospect of working with them again in mind. Digital data forms a major part of a company s know-how, making data maintenance, reliable access and backups crucial to a firm s survival in today's highly competitive environment [3]. Data archival is mandated by several laws and regulations, with retention periods of up to 10 years for some accounting documents (invoices, financial statements, tax documents). Some documents such as payroll and accounting records containing data needed for pension insurance, however, needs to be retained for 30 years, while other documents must remain permanently (foundation and concession documents, annual reports, collective agreements, etc.) [4]. What is the shelf life of stored digital data on a standard data carrier? Morgan [5] states that traditional audio tapes and cassettes, as well as floppy disks, have a lifespan of 10 to 20 years, while DVDs, CDs and Blue-Ray discs have shortened the time data can be used down to 2-5 years or a little longer. USB flash drives or hard drives have a lifespan of 10 years. A variant with longer-lasting data storage, including greater compatibility between devices from different generations, may be new optical discs still in development. Most of these problems are solved when storing data in the cloud (if operated correctly) [6]. The popularity of cloud services is growing and will grow from ½ to ¾ of the data volume transmitted through data centres five years from now [7]. The possibility and ability to utilize cloud services is closely tied to connection speed and other data transfer parameters. In terms of the quality of data transmission by fixed and mobile networks, the Czech Republic is comparable to the other European states [7]. So far, however, there is still a large amount of data produced in paper form (especially in official correspondence and many public institutions), although this

4 amount is steadily decreasing. The reason digitization is superior includes quick access to and use of data, as well as better protection against unexpected disasters (fires, floods in 1997 and 2002). This process is supported by the European Union; for instance, they supported the construction of a national digital archive [8]. In the private sphere, digital data storage is growing slower, but is still evident [9]. The quantity of digital data being produced is increasing worldwide. In 2007, there were 281 billion gigabytes of data; in other words, 45 gigabytes for every person on the planet. Even then, it was assumed that only half of that amount was archived in 2011 due to the fact that a large proportion of this data was deleted, becoming e- waste [10]. In the next few years, it is assumed mankind will create more data than humanity has created for the past 5000 years [1]. What is going to happen to all this data? The MIT Center for Digital Business in Boston, states that companies which adopt data-driven procedures and use data to make decisions, will gain about 5-6% productivity in comparison to investing in other areas of a company's development and other uses of information technology [1]. 3 Requirements for Working with Data in Modern Companies Cloud services are the next stage in the development of computer technology, and are also an efficient way to reduce costs and transfer responsibility for professional services from companies to providers [11]. Companies buy only necessary services and have no acquisition, operation or maintenance costs for their entire station. One problematic area, however, is the cloud's security, or more precisely, the need to entrust a third party. In mid-2014, the US was shocked by a scandal in which 4.5 million medical records (including credit card numbers) were broken into, revealing that 90% of cloud services used in the healthcare sector present huge security risks [12]. Cryptelo Drive is an encrypted virtual disk that allows data to be shared at a topsecret security level, as defined by the NSA (see Table 1). Cryptelo Drive is provided as a cloud-based solution or as a specially designed server. Both options guarantee identical levels of data encryption. The server can be installed on one s own hardware, and can be placed in a client s home or office anywhere that feels safe. The cloud option is suitable for clients who are unable to continuously run, maintain and backup a server, including providing physical protection from flooding, fire, etc. The server option, on the other hand, allows full control over

5 where the data is physically located. In the virtual world, it is often not known in which country a cloud services server is located, nor the legal framework of these countries; this is an important added value that brings back the element of physical security to data protection. The decision to acquire new technology must include an analysis of the ability to operate and maintain such technology. The functionality of the technology cannot be considered separately from the environment (physical, social, legal) in which that technology operates. Algorithm Function Specification Parameters Advanced Encryption Standard (AES) Elliptic Curve Diffie- Hellman (ECDH) Elliptic Curve Digital Signature Algorithm (ECDSA) Secure Hash Algorithm (SHA) Encryption FIPS Pub 197 Key Exchange Digital Signature NIST SP A FIPS Pub bit keys for SECRET 256 bit keys for TOP SECRET Curve P-256 for SECRET Curve P-384 for TOP SECRET Curve P-256 for SECRET Curve P-384 for TOP SECRET Hashing FIPS Pub SHA-256 for SECRET SHA-384 for TOP SECRET Table 1: Suite B cryptographic algorithm used by NSA [13]. Note. Suite B cryptographic algorithms are specified by the National Institute of Standards and Technology (NIST) and are used by NSA's Information Assurance Directorate in solutions approved for protecting National Security Systems (NSS). Suite B includes cryptographic algorithms for encryption, key exchange, digital signature, and hashing. Cryptelo uses the underlined algorithms. Development of the information society has encouraged globalization, internationalization of trade and redefined the meaning of borders in the business world. Due to the improving quality and acceleration of transport, relative distances are becoming smaller. What is widening, however, is the real distance between branches within firms, members of management who cooperate, external consultants and experts, business partners, suppliers and even the employees themselves as the importance of working out of the office or from home increases. Cooperation within a team or a larger circle of people requires new forms of communication and the ability to share necessary data. For strategic teamwork, the

6 key is to ensure the secure transfer of a document, as well as the subsequent process of continuously updating the relevant document by various team members. Telecommuting is to work partly or even mostly outside the office or in a place of residence. This allows much greater flexibility should adequate transport be inaccessible (e.g. on the periphery or rural areas), or in the case of working people who, for various reasons, are unable to commute to work (parental leave, health problems, etc.). More and more companies allow work to be done outside the office, making it essential for corporate communications, data and work to be accessible on a variety of devices (laptops, tablets, smartphones); part of the growing trend called BYOD (Bring Your Own Device). According to a study among 500 British executives, 70% believe that BYOD motivates workers to make better use of technology and prevents absenteeism at work. At the same time, respondents are aware of the security risks associated with using data in the cloud. Both cloud computing and BYOD address how small companies and start-ups are either unable or do not see the sense in establishing real office space. The factors which are developing forms of remote communication and working with data, in connection with the general development of the society, have been summarized in Table 2. Employee relationship changes Home office Part-time jobs for workers External consultancy Virtual office Shorter distances and the internationalization of trade Co-management of company branches Business travel of managers and traders Replacement and rotation of staff between branches Long-distance cooperation Table 2: Factors developing remote communication and data handling. Source: original Accessing necessary data without the user or group of users being physically present in the office is effectively resolved by cloud services. In case part of the users, and managers in particular, work remotely, it is necessary to consistently ensure the security of shared data since they are often sensitive in nature. Cryptelo Drive solves the problem of how to transmit data in a way that guarantees the content cannot be intercepted by anyone else. Suppose we need to send data in a digital form to someone. Today, transmitting sensitive or confidential data can be done in the

7 following ways: (a) uploading data to a portable media device and delivering it personally, (b) recording the data on portable media and sending it by intermediary (postal and courier service), or (c) sending data via a secure electronic communication channel. Taking a USB disk on a flight from Denver to Singapore in order to deliver a contract to a business partner is not currently an acceptable solution. However, for modern business purposes, option (c) is interesting because, in contrast to the first two, it provides benefits in the form of high speed data transfers (nearly instantaneous) and allows such transfers to be made again and again. The biggest challenge in terms of cryptography is to ensure the secure file transmission of files, and more precisely, the key for an encrypted file to one or more persons. Secure storage and data collection is not enough today. Instead, the main priority should be to secure the data as it is being worked with. For example, allowing one or more users to collaborate on a single version of a file; file versioning is a requirement for modern companies working dynamically with data. Cryptelo is an original system the meets the requirement needed to fully secure business communications and data sharing, incorporating the requirements necessary for a modern business to operate in the global environment, according to the attributes described above. 4 Building an Original System In order to address corporate needs, a new secure data sharing system was built from the ground up the encrypted virtual disk, Cryptelo Drive. Cryptelo was built on the cryptographic ideas of cryptologist Vlastimil Klíma see [14]. The decision was made to go on the demanding journey of finding new custom solutions and the optimum combination of security and user-friendliness. According to Gar tner's published forecasts, 2015 [15] will see an increase in the demand for sophisticated products that offer comprehensive solutions allowing company data to be worked with securely. Currently, the Cryptelo system provides secure file transfer in an unprotected virtual environment the concept will be expanded to include other types of data transfer such as chat and (including encryption metadata). The aim is to provide comprehensive secure business communications for today's businesses, where data and information determine competitive advantage. Most companies are roughly aware of the value of their data; however, because of the relatively large financial costs, enterprises won't look for advanced solutions unless they encounter a security breach in the form of leaked data. It has however been stated that over a two-year period, more than half of all employees lose at least

8 one USB flash drive storing sensitive data [16]. Companies or individuals who have experience with leaks and data theft, or are directly aware of the threat, want quality data protection regardless of whether their data has been backed up or not, i.e. priority is given to the absolute loss of data before its disclosure. This is the protection concept Cryptelo is introducing a system where backdoors do not exist. If you have the key, you have access to encrypted data. If you lose or forget the key, you lose access and the data. This is the only way to ensure a security level that can prevent a hacker or administrator, owner, system designer or state security forces from acquiring access to stored data. Furthermore, even if someone were to physically take possession of the server, with the precise cryptographic solutions that have been proposed, it s impossible to decrypt the data stored in Cryptelo. The system even cryptographically guarantees that if an attacker was able to physically write data onto the Cryptelo server HDD, the system would recognize the data as inauthentic. All responsibility for the data is transferred to the data owner, and responsibility for the operation of the system is transferred to the system owner. This is in contrast to storing data in the cloud, where the responsibility for data is transferred to the cloud provider. For maximum security, Cryptelo has fully adopted the criteria to encrypt data in accordance with the NSA s top-secret level (see figure 1 above). User-friendliness combined with quality cryptographic designs of applications and their precise implementation is an absolutely key factor, because (a) the empirical evidence has repeatedly shown that if a system is challenging for users to become familiar with, employees won t use it. The aim should not generally be to create a great cryptographic product, but to create the right cryptographic product that is also suitable for everyday use. The second reason requiring the highest possible user friendliness is (b) the need to eliminate the maximum number of intentional and unintentional human errors. Only ¼ of corporate database attacks are from outside a company and a full ¾ of all employees represent a security risk, therefore, it is desirable to ensure all corporate systems are clear and simple. If the majority of attacks occur inside the company, then in cases where the attacker s motive is intentional, they are either strengthening their position within the company, or selling information [17]. The key characteristics of Cryptelo Drive in terms of security and user-friendliness are shown in Table 3. The actual performance of the software cannot be evaluated without the considering the influence of the external environment and its users, which is why Cryptelo has from the beginning been built on an awareness of the full scale of security risks attributed to human factors. The most basic example is when writing the PIN code for a mobile phone on the back of a device or using simple passwords such as 1234, 1111, or password. Such silly human failures are still described as

9 highly significant current cyber security threats [18, 19]. We are aware that in some cases it is necessary to alert the user of the risks and guide them towards a more responsible approach. Maximum Security End-to-end encryption Client-side Encryption Unique key for each file Unique password for each login Anonymous space for each user Elimination of administrator power Everyday Usage Intuitive UI Remote registration No need for user training BYOD support No installation necessary web browser No complicated password management Table 3: Key Cryptelo Drive Characteristics. Source: original The idea of delivering quality software to a customer without sufficient information about how to use it responsibly, which goes beyond the functionality of the software, is not in accordance with the primary idea behind Cryptelo to ensure the maximum possible protection of data through a combination of appropriate security products. One of the key user features, based on the idea of maximizing data protection, is the elimination of the system administrator s power. It turns out that half of an average staff has access to protected and classified business information beyond their competency level [16]. An administrator who has access to the data and communications of other employees is a security risk to any company. The usage of thin clients (in web browsers), so users can access their data from anywhere, is expected to be a growing trend in applied cryptography entirely consistent with the requirements necessary for modern forms of communication and cooperation. Therefore, Cryptelo Drive has been made available as a web application, allowing data to be accessed instantly from any device laptop, tablet, mobile phone. Authorization is unnecessary on devices used to access the encrypted data, supporting BYOD and working from outside the office. Cryptelo doesn t protect the device from which the data is accessed, but directly protects the data itself. Targeting the ability to access data from anywhere is another expected trend in applied cryptography. Comprehensive data protection

10 and communication then can only be achieved by combining several suitable products: data protection and protected access devices see Table 4. With absolutely reliable Cryptelo Drive protection Data transmission Stored data Data sharing (both files and directory structure) User security (anonymous users, file and directory names) User privacy (no one except the user can see their own data) Without Cryptelo protection Devices that work with data in an unencrypted form Decrypted data on client s devices after they have left Cryptelo Table 4: What Cryptelo Drive protects and doesn t protect. Source: original 5 Individual Responsibility for the Content of Data in the Cloud Entrusting data to a third party can bring both security and economic risks from a rise in the cost of cloud services to the collapse of the provider, to a change in the rules of data disposal. One obstacle when managing one s own data may be having a cloud provider located in a jurisdiction other than that of the user. The content of stored data could in fact be illegal in another legal environment. Questions users should resolve with regards to the cloud computing are (a) what happens to their data if they were to stop using cloud services, (b) where the data is stored and what legal conditions exist there, and (c) who owns the stored data (see more in [20]). The concept of data ownership is key when accepting responsibility for its contents, e.g. for illegal data or unlawful activity. Some laws enable access to private data, or alternatively, to request the data be provided by the owner, as with the issue of cloud service providers discussed earlier. An example is the Patriot Act, a US law meant to unify and strengthen America by providing the appropriate tools required to prosecute and prevent terrorism since 2001 [21], allowing the movement and activities of people on the internet to be monitored in justified cases. One of the biggest criticisms of cloud computing comes from Richard Stallman who, at the beginning of the cloud computing boom, warned of the dangers

11 concerning privacy and the increased power of companies that store data [22]. Phalke [23] also highlighted the necessity to increase data security in the cloud, and protect it against loss and hacker attacks, as well as being controlled by large corporations or governments. Cryptelo is a system built from the ground up to be completely private and does not permit unauthorized persons to access encrypted data even upon request, making its use illegal in some countries. Cryptelo Drive offers all users a completely anonymous space, which neither the owner nor the administrator can see as both are considered potential attackers. For anyone unauthorized, it is impossible to obtain any information about the content of the data, including who has created and shared it; the very existence of communication between individual users cannot even be proven. More innovative and advanced attacking techniques may lead to the identification and abuse of the data flows themselves, their timing and the amount being shared between individual users. Responsibility for the contents of the stored data, in Cryptelo s case, falls on the users themselves and it is their responsibility to accept and legally dispose of it. The paper introduced the intellectual concept behind Cryptelo s corporate data protection in response to challenges presented by modern business characteristics, as well as those arising from deficiencies in cloud data protection. The discussion shows that a company s approach towards data protection depends on their awareness of the real value of their data and the actual degree of danger. The applied cryptographic solution should accommodate the users and their habits, doing whatever is possible to facilitate their work from the ground up, which is a de facto increase in overall system security. The quality of the proposed solution can never be experienced or measured in isolation from the users. References [ 1 ] Microsoft Enterprise: Velký třesk: Jak exploze objemných dat mění svět, Microsoft, cit [ 2 ] Birke, R. et al.: (Big) data in a virtualized world: volume, velocity, and variety in cloud datacenters, in Proceedings of the 12th USENIX conference on File and Storage Technologies, pp , [ 3 ] Junek, P.: Zálohování a archivace dat v podnikovém prostředí, cit

12 [ 4 ] Bohutínská, J.: Než skartujete fakturu, raději měřte dvakrát, Podnikatel.cz, cit [ 5 ] Morgan, C.: Jak dlouho skutečně vydrží média pro ukládání dat? 2. část, Storagecraft, cast/, cit [ 6 ] Morgan, C.: In the World of Cloud Backup Options, Which is Best, Talkin Cloud, [ 7 ] Cisco Global Cloud Index: Forecast and Methodology , White Paper, [ 8 ] Bernas, J.: Národní digitální archiv. Knihovna, 2009, 20, Nr. 1, pp [ 9 ] Lukášová, J.: Jak ve firmě archivovat doklady? I po letech musí být čitelné. Podnikatel.cz, cit [ 10 ] Ryan, P.: Study: amount of digital info global storage capacity, Ars Technica, 12, [ 11 ] Pužmanová, R.: Jak pochopit a uchopit cloud computing. IT Systems [ 12 ] Munro, D.: Assessing The Financial Impact Of 4.5 Million Stolen Health Records, cit [ 13 ] National Security Agency: Suite B Cryptography, cit [ 14 ] Personal page: Vlastimil Klima, [ 15 ] Čuchna, M.: Gartner: Deset trendů v IT pro rok 2015, cit [ 16 ] Ponemon Institute: Insecurity of Privileged Users Global Survey of IT Practitioners, Research Report, [ 17 ] S&T CZ: Většina tuzemských firem nepozná, že jim kradou data 67 % firem by podlehlo kybernetickému útoku, press release, [ 18 ] Raz, I.: Black hat, white hat: cyber from a different angle, lecture on Cybertech conference, Tel Aviv, 25 March 2015.

13 [ 19 ] Cerf, M.: Black hat, white hat: cyber from a different angle, lecture on Cybertech conference, Tel Aviv, 25 March [ 20 ] Brodkin, J.: Gartner: Seven cloud-computing security risks, Network Word, isk.pdf, cit [ 21 ] Uniting and Strengthening America by Providing Appropriate Tools Required to Interrupt and Obstruct Terrorism (USA PATRIOT ACT) Act of publ56.pdf [ 22 ] Johnson, B.: Cloud computing is a trap, warns GNU founder Richard Stallman, The Guardian, [ 23 ] Phalke, V.: Cloud in 2015, eight-trends-look/, cit

14