Cloud Computing is, simply, a technology that
enables data storage and processing take place outside of mobile devices. When
combined with the Internet of Things (IoT) it achieves a much better
environment for the use of Big Data.
While the integration of these technologies
can bring about several advancements, there are security concerns that need to
be addressed. Recently, an algorithm has been proposed to put some of these
security concerns to rest.
Integration of IoT and Cloud
Computing
IoT can be defined as a network of physical items
that are capable of being connected to a network. These interconnected items
can both gather and store data, whether the items are devices, vehicles, or
buildings. The data collected and used across these devices is large, complex,
and needs to be analyzed. This is where Big Data comes into play. To operate, Big
Data uses Cloud Computing as a base technology. As this
base technology, Cloud Computing then works to get the maximum capacity and
performance out of the existing infrastructure.
While the combination of the IoT, Cloud
Computing, and Big Data can offer access to information and data at any time in
any location, there is still the potential issue of personal data security.
Initial Privacy Problems
IoT technology can consist of cyber-physical
systems like automatic sensors, actuators, and embedded systems that will
interact with humans for real-time support, security, personality, and
high-level support.
The greatest asset of IoT also doubles as the
biggest weakness. The ability for devices to connect and transmit data through
networks is great until a cyberattack threatens the security of the device and
your data. If a single device is affected by malware, it can trigger a domino
effect, negatively impacting every piece of technology on the network.
This often happens due to vulnerabilities in
the communication software of devices connected to much more important devices
in the network. These vulnerabilities can arise in anything from security cameras to vending machines.
For these issues to be rectified, an IoT
device that needs to be directly accessed through the Internet should be
portioned into its own network. The
device is separated from others in its vicinity and placed on its own wireless network. While the device
would still have internet access, it would be on a separate virtual local area
network or VLAN. This makes it easier to be regularly monitored to identify any
signs of abnormal traffic.
Additionally, Cloud Computing offers storage,
applications, and service functionality over the internet. Thus, because
internet security vulnerabilities are constantly changing, Cloud Computing must
also evolve to protect personal information, data, and applications. When we use applications such as Microsoft,
Adobe, or Slack, we trust that our data is safe.
Unfortunately, the answer to whether or not to share your personal data in
the cloud isn't as straightforward as we would like. While cloud services do
take precautions for the information that is uploaded, it is ultimately all
pooled in the same cloud.
Big Data that is stored in the cloud is
especially at risk to hackers. The problem is, once data is uploaded to the
cloud, it can't be encrypted by the users. It needs to be decrypted for the cloud
to perform operations with the data.
Security issues were also found during the use
and development of Big Data technology. Technologies that specialize in
securing data often run slower when applied to large amounts of data. This
created a need for security technology to both protect and process these large
amounts of data effectively.
Possible Security Issues of Cloud
Computing and IoT Integration
Combining the technologies of Cloud Computing
and IoT can result in a symbiotic relationship. Cloud Computing can make up
where IoT is lacking in limited storage or applications over the internet. On
the other hand, without IoT, the Cloud would have nowhere to pull its data
from.
When critical IoT applications move to merge
with Cloud Computing technology, additional concerns arise. For example, there
is a level of concern about the lack of trust in internet service providers.
The knowledge of service level agreements and the lack of understanding about
the physical locations of data also leaves much to
be desired.
For example, a large amount of data needs to
be stored and managed at a data center.
However, the user whose data is being stored has no idea where this
location is. We don't know who is storing this information or what they could
be doing with it.
One of the biggest challenges in the
integration of these two technologies relates to the heterogeneity of devices
and systems. These systems operate very differently, with a wide variety of
communication methods, protocols, and network connectivity options.
So, with all these problems, is a solution
possible?
The AES Algorithm
The solution could be encryption, but not just
any type of encryption will work to protect data.
The Advanced Encryption Standard (AES) algorithm may help to resolve many of the
aforementioned security concerns. It's fast, flexible, and can be implemented
across different platforms. As a bonus, it performs consistently well across
both hardware and software in various environments.
Put simply, the AES algorithm is a type of encryption that keeps your information out of
the wrong hands. It works by changing plain text into cipher text, which
appears as random characters. To decrypt this text, a special key is needed by
both the sender and receiver of the information.
AES uses symmetric key encryption. This means
that you need the same keys for the encryption of plain text and the
decryption of cipher text. Read more on that here. Without this encryption, data is much
easier to intercept and access. In this way, only those who are authorized to
have this information will have access to it.
There are no serious weak keys in AES, and it
has speedy key setup time and good key agility.
This makes it a great candidate to handle
large amounts of data in the cloud without being subjected to sluggish
processing.
This collected information can then be
transmitted between machines that are supported by IoT technology. Then, the
information can be safely and securely processed and computed through the
support of different Cloud Computing services.
What Does the Algorithm
Accomplish?
Experiments suggested that the AES algorithm
helps achieve secure Cloud Computing and IoT integration. Through this
integration, and utilization of AES, the Cloud-based IoT system would not only
be able to connect sensors but to also allow them to share their readings with
other sensors.
Sensors being able to connect and share
information securely to the cloud would give companies real-time reports and
data; it increases efficiency and protects sensitive data at the same
time. With the support of IoT
technologies, this makes it possible for both hardware manufacturing resources
and software manufacturing to be intelligently perceived and connected to wider
networks.
The proposed algorithm model combines Cloud
Computing and IoT technologies while improving the security of data usage.
Through encryption and the added security of symmetrical keys of the AES
algorithm, users can feel confident that their data is safe. This may be the
first of many steps towards further improving the integration of Cloud
Computing and IoT technologies.
##
About the Author
Daniel Browning is the Business Development
Coordinator at Automation Webstore.
In his spare time, he writes about automation, AI, technology, and the IoT.