In: Computer Science
Sub: cloud computing
Based on below scenario answer the question
With DTGOV’s client portfolio expanding to include public-sector
organizations, many of it cloud computing policies have become
unsuitable and require modification. Considering that public-sector
organizations frequently handle strategic information, security
safeguards needs to be established to protect data manipulation and
to establish a means of auditing activities that may impact
government operations.
What security measures would have been implemented by DTGOV to
resolve this?
Answer:
Cloud Security Mechanisms:
-Encryption
-Hashing
-Digital Signature
-Public Key Infrastructure(PKI)
-Identity and Access Management(IAM)
-Single Sign-On(SSO)
-Cloud-Based Security Groups
-Hardened Virtual Server Images.
Digital Signature:
The digital signature mechanism is a means of providing data authenticity and integrity through authentication and non-repudiation.A message is assigned a digital signature prior to transmission,which is then rendered invalid if the message experiences any subsequent,unauthorized modifications.A digital signature provides evidence that the message received is the same as the one created by its rightful sender.
Both hashing and asymmetrical encryption are involved in the creation of a digital signature,which essentially exists as a message digest that was encrypted by a private key and appended to the original message.The recipient verifies the signature validity the signature validity and uses the corresponding public key to decrypt the digital signature,which produces this message digest.Identical results from the two different processes indicate that the message maintained its integrity.
DTGOV proceeds to implement the digital signature mechanism.Virtual server self-provisioning inside the IaaS environment and the tracking functionality of realtime SLA and billing are all performed via Web portals.As a result,user error or malicious actions could result in legal and financial consequences.
-Whenever a cloud consumer performs a management action that is related to IT resources provisioned by DTGOV,the cloud service consumer program must include a digital signature in the message request to prove the legitimacy of its user.
Digital signatures provides DTGOV with the guarantee that every action performed is linked to its legitimate originator.Unauthorized access is expected to become highly improbable,since digital signatures are only accepted if the encryption key is identical to the secret key held by the rightful owner.Users will not have grounds to deny attempts at message adulteration because the digital signatures will confirm message integrity.