Back
 JIS  Vol.9 No.4 , October 2018
On the Significance of Cryptography as a Service
Abstract: Cryptography as a service is becoming extremely popular. It eases the way companies deal with securing their information without having to worry about their customer’s information being accessed by someone who should not have access to it. In this overview, we will be taking a closer look at Cryptography as a Service. The ground we will be examining is the effectiveness of it for mobile/wireless and desktop computing. Since we will be looking at something that operates as a service, we will need to first cover the application program interface (API) basics [1] or standard software as a service (SaaS) [2]. Next, what exactly cryptography as a service means for each of the aforementioned platforms. Lastly, other possible solutions and how they compare to CaaS. For the purpose of this review, we will be looking at CaaS in a cloud environment since typical SaaS is used that way. Subsequently most cloud environments utilize a UNIX based operating system or similar solution, which will be the target environment for the purpose of this paper. Popular algorithms that are used in CaaS will be the final part that will be examined on the grounds of how they perform, level of security offered, and usability in CaaS. Upon reading this paper the reader will have a better understanding of how exactly CaaS operates and what it has to offer for mobile, desktop, and wireless users in the present and future.
Cite this paper: Rahimi, N. , Reed, J. and Gupta, B. (2018) On the Significance of Cryptography as a Service. Journal of Information Security, 9, 242-256. doi: 10.4236/jis.2018.94017.
References

[1]   Turner, M., Budgen, D. and Brereton, P. (2003) Turning Software into a Service. Computer, 36, 38-44. https://doi.org/10.1109/MC.2003.1236470

[2]   Gartner IT Glossary (2017) Software as a Service (SaaS) from the Gartner IT Glossary. http://www.gartner.com/itglossary/software-as-a-service-saas/

[3]   Buxmann, P., Hess, T. and Lehmann, S. (2008) Software as a Service. Business Informatics, 50, 500-503. https://doi.org/10.1007/s11576-008-0095-0

[4]   Godse, M. and Mulik, S. (2009) An Approach for Selecting Software-as-a-Service (SaaS) Product. 2009 IEEE International Conference on Cloud Computing, Bangalore, 21-25 September 2009, 155-158. https://doi.org/10.1109/CLOUD.2009.74

[5]   Miller, S.K., Mandato, F.E. and Gursahaney, S.K. (1995) System, Data Processing Method and Program to Provide a Programmable Interface between a Workstation and an Archive Server to Automatically Store Telephone Transaction Information. US Patent No. 5402474.

[6]   Berson, T., Dean, D., Franklin, M., Smetters, D. and Spreitzer, M. (2001) Cryptography as a Network Service. Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS).

[7]   Bugiel, S., Nurnberger, S., Sadeghi, A. and Schneider, T. (2011) Twin Clouds: An Architecture for Secure Cloud Computing. In: De Decker, B., Lapon, J., Naessens, V. and Uhl, A., Eds., Communications and Multimedia Security. CMS 2011. Lecture Notes in Computer Science, vol 7025. Springer, Berlin, Heidelberg.

[8]   Schneier, B. (2007) Applied Cryptography: Protocols, Algorithms, and Source Code in C. John Wiley & Sons, New York.

[9]   https://www.tutorialspoint.com/http/http_requests.htm

[10]   Robinson, P. (2017) Cryptography as a Service.
https://www.rsaconference.com/writable/presentations/file_upload/adsr01-cryptography-as-a-service.pdf

[11]   Robinson, P. (2017) Applying Cryptography as a Service to Mobile Applications.
https://www.rsaconference.com/writable/presentations/file_uplad/csv-f02applying-cryptography-as-a-service-to-mobile applications_final.pdf

[12]   Kumar, K., Liu, J., Lu, Y.H. and Bhargava, B. (2013) A Survey of Computation Offloading for Mobile Systems. Mobile Networks and Applications, 18, 129-140.
https://doi.org/10.1007/s11036-012-0368-0

[13]   Bethencourt, J., Sahai, A. and Waters, B. (2007) Ciphertext-Policy Attribute-Based Encryption. IEEE Symposium on Security and Privacy, Oakland, 20-23 May 2007, 321-334.
https://doi.org/10.1109/SP.2007.11

[14]   Berson, T., Dean, D., Franklin, M., Smetters D. and Spreitzer, M. (2017) Cryptography as a Network Service.
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.212.3075&rep=ep1&type=pdf

[15]   Gampala, V., Inuganti, S. and Muppidi, S. (2012) Data Security in Cloud Computing with Elliptic Curve Cryptography. International Journal of Soft Computing and Engineering, 2, 138-141.

[16]   French, G. and Cvrcek, D. (2017) Cryptography as A Service Barclays Crypto Application Gateway and Beyond. http://spi.unob.cz/papers/2013/2013-08.pdf

[17]   Hossein, R., Elankovan, S. and Zulkarnain, A. (2017) Encryption as a Service (EaaS) as a Solution for Cryptography in Cloud. Elsevier, New York.

[18]   Takabi, H., Joshi, J.B. and Ahn, G.J. (2010) Security and Privacy Challenges in Cloud Computing Environments. IEEE Security & Privacy, 6, 24-31.
https://doi.org/10.1109/MSP.2010.186

[19]   Parno, B., Kuo, C. and Perrig, A. (2013) U.S. Patent No. 8,352,738. U.S. Patent and Trademark Office, Washington DC.

[20]   Aw Ideler, H. (2012) Cryptography as a Service in a Cloud Computing Environment.

[21]   Hamlen, K.W., Morrisett, G. and Schneider, F.B. (2006) Computability Classes for Enforcement Mechanisms. ACM Transactions on Programming Languages and Systems, 28, 175-205.
https://doi.org/10.1145/1111596.1111601

 
 
Top