loading
Documents

Research.Publish.Connect.

Paper

Authors: Kevin Foltz and William R. Simpson

Affiliation: Institute for Defense Analyses, United States

ISBN: 978-989-758-247-9

Keyword(s): Enterprise, Database, System Design, Confidentiality, Integrity, Enterprise Level Security, Homomorphic Encryption, Application Security, Security, Cloud Services, End-to-End Encryption, Key Management, Database Security.

Related Ontology Subjects/Areas/Topics: Cloud Computing ; Collaboration and e-Services ; Computer-Supported Education ; Data Engineering ; Databases and Data Security ; Databases and Information Systems Integration ; e-Business ; Enterprise Information Systems ; Information Systems Analysis and Specification ; Information Technologies Supporting Learning ; Large Scale Databases ; Mobile Software and Services ; Non-Relational Databases ; Ontologies and the Semantic Web ; Security ; Security and Privacy ; Services Science ; Software Agents and Internet Computing ; Software Engineering ; Software Engineering Methods and Techniques ; Telecommunications ; Web Services ; Wireless Information Networks and Systems

Abstract: Enterprise Level Security (ELS) is an approach to enterprise information exchange that provides strong security guarantees. It incorporates measures for authentication, encryption, access controls, credential management, monitoring, and logging. ELS has been adapted for cloud hosting using the Virtual Application Data Center (VADC) approach. However, a key vulnerability in placing unprotected data in the cloud is the database that stores each web application’s data. ELS puts controls on the end-to-end connection from requester to application, but an exploit of the back-end database can allow direct access to data and bypass ELS controls at the application. In a public cloud environment the data and web application may be vulnerable to insider attacks using direct hardware access, misconfiguration, and redirection to extract data. Traditional encryption can be used to protect data in the cloud, but it must be transferred out of the cloud and decrypted to perform processing, and then re -encrypted and sent back to the cloud. Homomorphic encryption offers a way to not only store encrypted data, but also perform processing directly on the encrypted values. This paper examines the current state of homomorphic encryption and its applicability to ELS. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 35.173.47.43

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Foltz, K. and Simpson, W. (2017). Enterprise Level Security with Homomorphic Encryption.In Proceedings of the 19th International Conference on Enterprise Information Systems - Volume 1: ICEIS, ISBN 978-989-758-247-9, pages 177-184. DOI: 10.5220/0006245901770184

@conference{iceis17,
author={Kevin Foltz. and William R. Simpson.},
title={Enterprise Level Security with Homomorphic Encryption},
booktitle={Proceedings of the 19th International Conference on Enterprise Information Systems - Volume 1: ICEIS,},
year={2017},
pages={177-184},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006245901770184},
isbn={978-989-758-247-9},
}

TY - CONF

JO - Proceedings of the 19th International Conference on Enterprise Information Systems - Volume 1: ICEIS,
TI - Enterprise Level Security with Homomorphic Encryption
SN - 978-989-758-247-9
AU - Foltz, K.
AU - Simpson, W.
PY - 2017
SP - 177
EP - 184
DO - 10.5220/0006245901770184

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.