Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label cloud service providers. Show all posts
Quantum- safe Encryption
Cloud cloud service providers Cyber Security Digital Signatures Google Google Cloud PQC Quantum threats Quantum- safe Encryption

Google Cloud Introduces Quantum-Safe Digital Signatures

 

As quantum computing advances, Google Cloud is taking a significant step toward securing its platform against future threats. The company has announced the introduction of quantum-safe digital signatures in its Cloud Key Management Service (KMS), currently available in preview. 

This move is part of a broader initiative to prepare for the potential risks that quantum computers pose to modern encryption systems. While fully capable quantum computers are not expected to be widely available for at least a decade, they could one day break most of today’s encryption methods in a matter of hours. This looming possibility has led to concerns over a harvest-now-decrypt-later strategy employed by cybercriminals. 

In this method, attackers steal encrypted data today, intending to decrypt it once quantum computing becomes powerful enough. To counter this risk, researchers are developing post-quantum cryptography (PQC)—encryption techniques specifically designed to withstand quantum attacks. One major security risk posed by quantum computing is the potential forgery and manipulation of digital signatures. 

Digital signatures authenticate documents and communications, ensuring they have not been tampered with. If compromised, they could allow attackers to impersonate legitimate users, forge transactions, or spread malware under trusted identities. Google Cloud recognizes the importance of addressing these concerns early and has introduced quantum-resistant digital signatures to build a more secure infrastructure. 

This initiative also aims to set an industry precedent for other cloud service providers. As part of its commitment to transparency and security, Google Cloud has announced that its quantum-related cryptographic implementations will be included in its open-source cryptographic libraries, BoringCrypto and Tink. This allows security researchers and developers to review, audit, and contribute to these implementations, ensuring their robustness against potential threats. 

The new quantum-safe digital signatures in Cloud KMS specifically implement ML-DSA-65 and SLH-DSA-SHA2-128S, two PQC algorithms that adhere to NIST (National Institute of Standards and Technology) standards. Google Cloud has also confirmed plans to integrate additional PQC algorithms into its Hardware Security Modules (HSMs), which are specialized devices designed to provide extra layers of cryptographic security.  

By rolling out these quantum-resistant digital signatures, Google Cloud is giving customers the opportunity to test PQC algorithms in Cloud KMS and provide feedback on their performance and integration. This allows businesses to prepare for a post-quantum future, ensuring their data remains secure even as computing power evolves. 

Google Cloud sees this initiative as a crucial first step toward a fully quantum-resistant cloud ecosystem, demonstrating its dedication to staying ahead of emerging cybersecurity challenges.
Read more »
multicloud environment
Aviatrix cloud service providers Cyber Security Flexera Google Cloud Platform Microsoft Azure multicloud environment

Businesses Rely on Multicloud Security to Protect Cloud Workloads


On Thursday, cloud networking company Aviatrix unveiled its new Distribution Cloud Firewall security platform, which integrates traffic inspection and policy enforcement across multicloud environment.

According to Rod Stuhlmuller, VP of solutions marketing at Aviatrix, the company utilizes native cloud platform features and its own technology to give businesses a centralized look into the security of their cloud workloads and the flexibility to send out the same guidelines to different clouds.

"The architecture is really what's new, not necessarily the capabilities of each of the features[…]It's very different than having to reroute traffic to some centralized inspection point for whatever security capabilities you're talking about — that just becomes very complex and expensive to do," he said.

According to a survey by Flexera, “Flexera 2023 State of the Cloud Report,” a vast majority of companies (87%) have switched to a multicloud architecture, with the majority (72%) adopting a hybrid strategy that integrates both private cloud infrastructure and public cloud services. According to Flexera, managing multicloud architectures and securing cloud infrastructure are among the top concerns for businesses, with 80% and 78% of them grappling, respectively.

Security may suffer if businesses distribute workloads among numerous cloud service providers (CSPs). According to Patrick Coughlin, vice president of technical go-to-market for Splunk, a data and insights cloud platform, companies may rapidly lose visibility into the security of their cloud infrastructure because CSPs handle security policies, traffic inspection, and workload deployment differently.

The Multicloud Security Mess

Initially, many providers built virtual versions of their firewall appliances and used them as entry points to cloud infrastructure, but John Grady, principal analyst for cybersecurity at Enterprise Strategy Group, says that managing those virtual firewalls has gotten harder, especially when using multiple cloud platforms.

"Virtual firewall instances have been around for a while, but there's been an acknowledgement over the last couple of years that these deployments can be complex and cumbersome and don't take advantage of the key benefits the cloud offers[…] we've seen a general shift toward more cloud-native network security solutions," says Stuhlmuller.

Finding a solution to the expanding complexity is essential as more enterprises use numerous infrastructure-as-a-service (IaaS) solutions from the leading cloud providers, Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

By employing their native security groups, Aviatrix, for instance, enables businesses to develop an abstracted policy that can be applied across all cloud platforms without the administrator having to visit each one. The number of containers and virtual machines that need to be upgraded for businesses with expanding workloads, driven by microservice-based software architecture, can soar, according to Stuhlmuller.

"It's not that we're putting firewalls everywhere, but we're putting the inspection and enforcement capability into the network into the natural path of traffic, with a [single management console] that allows us to do central creation of policy but push that distributed inspection enforcement out everywhere in the network," he says.

Forrester Research lists Palo Alto Networks, Trellix, Trend Micro, Rapid7, and Check Point Software Technologies as additional significant vendors that concentrate on cloud workload security, but with various approaches to the technologies.  

Read more »
Subscribe to: Posts (Atom)