Cloud infrastructures can be roughly categorized as either private or public. In a private cloud, the infrastructure is managed and owned by the customer and located on-premise (i.e., in the customer’s region of control). In particular, this means that access to customer data is under its control and is only granted to parties it trusts. In a public cloud the infrastructure is owned and managed by a cloud service provider and is located off-premise (i.e., in the cloud service provider’s region of control). This means that customer data is outside its control and could potentially be granted to un-trusted parties.
Storage services based on public clouds such Amazon’s S3 provide customers with scalable and dynamic storage. By moving their data to the cloud customers can avoid the costs of building and maintaining a private storage infrastructure, opting instead to pay a service provider as a function of its needs. For most customers, this provides several benefits including availability (i.e., being able to access data from anywhere) and reliability (i.e., not having to worry about backups) at a relatively low cost.
While the benefits of using a public cloud infrastructure are clear, it introduces significant security and privacy risks. In fact, it seems that the biggest hurdle to the adoption of cloud storage (and cloud computing in general) is concern over the confidentiality and integrity of data.
Ideally we should aim to achieve the “best of both worlds” by providing the security of a private cloud and the functionality and cost savings of a public cloud.Thus we need to achieve:
2. integrity: no unauthorized modification of customer data by the cloud storage provider,
while retaining the main benefits of a public storage service:
3. efficient retrieval: data retrieval times are comparable to a public cloud storage service
4. data sharing: customers can share their data with trusted parties.
Main privacy concerns with cloud computing were outlined by the Cloud Security Alliance.
SentryCom novel software app. addresses these concerns as following:
1.Regulatory compliance. Most countries have laws in place that make organizations responsible for the protection of the data that is entrusted to them. SentryCom customers can be assured that the confidentiality of their data is preserved irrespective of the actions of the cloud storage provider. This greatly reduces any legal exposure for both the customer and the provider.
2.Geographic restrictions. Data that is stored in certain legal jurisdictions may be subject to regulations even if it was not collected there.
In SentryCom software app. data is only stored in encrypted form so any law that pertains stored data has little to no effect on the customer. This reduces legal exposure for the customer and allows the cloud storage provider to make optimal use of its storage infrastructure, thereby reducing costs.
3.Subpoenas. If an organization becomes the subject of an investigation, law enforcement agencies may request access to its data. If the data is stored in a public cloud, the request may be made to the cloud provider and the latter could even be prevented from notifying the customer. This can have severe consequences for customers, since it preempts the customer from challenging the request. In a SentryCom software app., since data is stored in encrypted form and since the customer retains possession of data access rights, any request for the data must be made directly to the customer.
4.Security breaches. Even if a cloud storage provider implements strong security practices there is always the possibility of a security breach. If this occurs the customer may be legally responsible.
Cloud computing encompasses both a server and a client side. With emphasis typically placed on the former, the latter can be easily overlooked. Having a backdoor Trojan, keystroke logger, or other type of malware running on a client device undermines the security of cloud or other Web-based services. SentryCom software app. is malware resilient.
4.Data retention and destruction. In many cases a customer may be responsible for the retention and destruction of data it has collected. Inability to decrypt data on the cloud makes this straightforward.
SentryCom allows the users of Cloud-based Webmail such as GMail or Cloud-based file storage services such as Dropbox to address the privacy issues in the most convenient and secure fashion , while keeping all the advantages of these popular services .
All you have to do is :
1. Choose the file you want (any type)
2. Choose file delivery method (save to Dropbox folder or send to Webmail)
3. Define file recipient (yourself for backup, or your colleague(s))
4. Click encrypt.
The file will be encrypted with top-secret grade AES 256 bit key, that will be stored at SentryCom MACS-Managed Authentication & Crypto Service. To request this key in the real-time- file recipient will need to perform malware-resilient multi-factor strong authentication vs. SentryCom MACS. This process, performed independently from Cloud Service Provider, ensures customer's privacy. No one , except specified file recipient(s)
Please contact SentryCom http://www.sentry-
# # #
SentryCom is a SaaS provider of user-friendly solutions for ID Fraud prevention, using proprietary and patented Strong Authentication and Crypto technologies,reducing ID Fraud revenue losses and at the same time reducing the cost of ID Fraud prevention.