Читать книгу Cyber Security and Network Security - Группа авторов - Страница 16

In today’s world that is mostly through applications interacting over the internet, data security both inside and outside the client devices is a very critical topic. MSME sector and the new enterprises coming up are mostly shifting to the cloud space for grabbing up the opportunities of the virtual market that are coming up and shifting their work culture to the online space. Thus, the enterprise communication that was mainly happening in offline methods, behind closed doors, and locked storage rooms with files has now shifted to a more public space, files being routed through the public internet to public facing servers. Resulting in a whole new domain of security and compliance problems as many of the servers for Public/Hybrid Cloud models fall under a joint ownership between two or more parties/stakeholders. Thus, securing the data in transit, i.e., coming in and out of the cloud, and the data in rest, i.e., the data lying inside the cloud, needs to be encrypted such that no third party can access it without the consent of its owner. In this proposed research model, it is proposed that data from a client application as in an enterprise communication application are encrypted using modified algorithms which would be accessible securely through a series of access control functionalities with least privilege access policies. The data is further packed up and are transported over the SSL layers to an server side application instance running in a public cloud (here)/private cloud which shall decrypt the information coming through and sorts the data accordingly and further saves them into the object-based storages, NoSQL, and Ledger databases with high availability and security at rest. The data at rest is further encrypted, can be packed up, and sent back to the client application when requested with necessary encryption in transit criteria fulfilled. The transactions are carried out using role-based assigning systems and least access privilege access mode, thus successfully stopping the concepts of threats to privacy, data eavesdropping, threat to personal security, etc.

Keywords: Enterprise, architecture, secure, application, data, cloud, encryption, threats