Question

(a) If you have both sensitive and non-sensitive data, how will you achieve precision in terms of disclosure? (b) In the context of Cloud Computing Security, give an example of a SAS product and briefly explain it. (c) As a client, what solution will you implement if your cloud service provider does not offer TNO. In that particular implementation, how are two levels of encryption used? What is the additional advantage of this kind of implementation?

Answer 1

Question :

(a) If you have both sensitive and non-sensitive data, how will you achieve precision in terms of disclosure?

Answer : Sensitive data means the data which should be protected or keeping as secret from others. If we have both sensitive and non-sensitive data , we apply encryption methods on sensitive data to secure from others. By encrypting the sensitive data , even hackers access the data they don't the original data. By this way we achieve the precision interms of disclosure.

(b) In the context of Cloud Computing Security, give an example of a SAS product and briefly explain it.

Answer : SAS is defined as the Software as a Service , the cloud providers design a software, that allows users to access it over internet. Google meet is the example of SAS product. It allows users to make virtual meetings online. Users are provided with credentials to login into the software to do theirs work. By this way ,cloud computing provide security for their work or communications.

(c) As a client, what solution will you implement if your cloud service provider does not offer TNO. In that particular implementation, how are two levels of encryption used? What is the additional advantage of this kind of implementation?

Answer : TNO(Trust no one) is the security provided to data stored on the cloud.By this TNO , it minimizes the trusting third parties who want to access the data. If it is not offered by the cloud provider, as a client we will implement another solution is "Authentication".

Authentication verifies the person identity before accessing data. In this authentication implementation, digital signatures are considered as the user identity uses for authentication. For these digital signature creation, encryption methods are used. The two levels of encryption is used to encrypt the key of creating digital signature. Encrypted key is again encrypted to provide more Security to the private key used to create digital signature. The advantage of this implementation is avoids the access of data from unauthorized users or third party persons. It adds more and more Security to the data.