A new executive brief published by IDC examines one of the major obstacles
organizations face when committing resources and applications to cloud
computing. At stake is the issue of validating the integrity and authenticity
of data within a cloud environment.
"When the data is hosted onsite, this process of data integrity can
certainly be a challenge. However, when data is not hosted within the
traditional internal IT data center environment, there needs to be a method of
ensuring indisputable data integrity," the report states.
Titled "Data Integrity in the Big Data Digital Age", the research
paper ties the current Big Data phenomenon to cloud computing, making the case
that organizations must grapple with analyzing and basing decisions on
petabytes of unstructured data, yet rarely question the authenticity of this
data.
Questions the report seeks to answer include: Has my data been tampered with?
Is the data source legitimate? How can indisputable proof be offered that data
integrity remains intact? And in cases that involve the legal system, how can
documents, log files, or audio files be brought to the level where they can be
admitted as irrefutable evidence?
These questions take the data integrity argument well beyond the premise and
perimeter of IT security matters. Few options exist today that can achieve
tamper-proof data security outside of the reliance on third-party certification
authorities, or the unwieldy management of a public key infrastructure. What’s
required is a way to validate, verify, and self-authenticate the data
independently of any third-party agency.
Sponsored by GuardTime,
the executive brief details a compelling case for the adoption of Keyless
Signatures, explaining how the mathematically-driven system works. The Keyless
Signature technology is used to provide indisputable proof of time, origin, and
integrity for electronic data.
"The goal of the keyless signature technology is to provide mass-scale,
non-expiring data validation while eliminating the need for secrets or other
forms of trust, thereby reducing or even eliminating the need for more complex
certificate-based solutions, as these are ripe with certificate management
issues, including expiration and revocation," the paper explains.
"A keyless signature provides an alternative method to key-based
technologies by providing proof and non-repudiation of electronic data using
only hash functions for verification. The implementation of keyless signature
is done via a globally distributed machine, taking hash values of data as
inputs and returning keyless signatures that prove the time, integrity, and
origin (machine, organization, individual) of the input data."
"Any client using the keyless signature service can make a request to sign
any data item it has access to; a log file, XML file, office document, database
record, SWIFT transaction, FPML message, eDiscovery productions, etc. In
return, the client will receive a keyless signature which can be stored alongside
the signed data, within the signed data, or in a repository separate from the
signed data for backup and archival purposes."
By signing the data using GuardTime’s Keyless Signatures, an organization can
automatically detect when and where the data was created or transferred, and
whether the data has been tampered with. An alert is sent to the customer when
an abnormal status is detected.
In this manner, organizations can assure the integrity of data and confirm the
location where data exists, providing a full audit trail of data usage and
storage in the Cloud.
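
The quoted passages say verification uses only hash functions but do not describe the construction. As an added illustration (not GuardTime's code or API), the Python sketch below assumes a Merkle hash tree built over one batch of client-submitted hashes; `aggregate`, `verify`, and the sample records are hypothetical names and constructed data.

```python
import hashlib

def h(*parts: bytes) -> bytes:
    """SHA-256 over the concatenation of the given byte strings."""
    return hashlib.sha256(b"".join(parts)).digest()

def aggregate(leaves):
    """Build a hash tree over client-submitted hashes (one signing round).

    Returns (root, proofs) where proofs[i] is the list of
    (sibling_hash, sibling_is_left) steps from leaf i up to the root.
    """
    if not leaves:
        raise ValueError("no requests in this round")
    proofs = [[] for _ in leaves]
    level = [(leaf, [i]) for i, leaf in enumerate(leaves)]  # (hash, leaf indices covered)
    while len(level) > 1:
        nxt = []
        for j in range(0, len(level), 2):
            if j + 1 == len(level):            # odd node out: promote unchanged
                nxt.append(level[j])
                continue
            (lh, li), (rh, ri) = level[j], level[j + 1]
            for i in li:
                proofs[i].append((rh, False))  # sibling sits on the right
            for i in ri:
                proofs[i].append((lh, True))   # sibling sits on the left
            nxt.append((h(b"\x01", lh, rh), li + ri))  # 0x01 = interior node
        level = nxt
    return level[0][0], proofs

def verify(data: bytes, proof, root: bytes) -> bool:
    """Recompute the path from the data's hash to the round root.

    Assumption: the verifier gets `root` from a source it already trusts.
    """
    node = h(b"\x00", data)                    # 0x00 = leaf, domain-separated
    for sibling, sibling_is_left in proof:
        node = h(b"\x01", sibling, node) if sibling_is_left else h(b"\x01", node, sibling)
    return node == root

# Constructed sample input: three records signed in the same round.
RECORDS = [b"log line 1", b"<xml>order 42</xml>", b"db row 7"]
ROOT, PROOFS = aggregate([h(b"\x00", r) for r in RECORDS])
```

Each client stores only its own proof next to the data; changing a single byte of the record, or pairing it with another record's proof, makes `verify` return `False`.
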
The report concludes: "The keyless nature of this technology helps
reduce the footprint by removing the need for cipher keys and passwords, which
arguably can also be lost or mislaid, and since the integrity can be validated
by the document owners, the ability to leverage the cloud computing platform
places it well for future adoption."
The full report can be found here: http://www.guardtime.com/whitepapers
About GuardTime:
GuardTime was founded with the goal of solving one of the biggest problems in
computing: how to be sure electronic data is authentic. GuardTime's Keyless
Signatures provide proof of origin and that not a single bit of the data has
changed since a specific point in time. The verification of the signatures can
be done offline without reliance on keys, secrets, or the existence of a
trusted third party. GuardTime's mission is to change the world to one in which
Keyless Signatures are ubiquitous and a natural part of the everyday data
lifecycle, whether on disk, in transit, or in the Cloud. The company was
recently selected as co-winner of the Innotribe $100K Start-Up Challenge,
honoring the company as one of the world's most promising financial technology
start-ups. Visit http://www.guardtime.com for more information about using
Keyless Signatures for signing your data.