A new executive brief published by IDC examines one of the major obstacles organizations face when committing resources and applications to cloud computing. At stake is the issue of validating the integrity and authenticity of data within a cloud environment.
"When the data is hosted onsite, this process of data integrity can certainly be a challenge. However, when data is not hosted within the traditional internal IT data center environment, there needs to be a method of ensuring indisputable data integrity," the report states.
Titled "Data Integrity in the Big Data Digital Age", the research paper ties the current Big Data phenomenon to cloud computing, making the case that organizations must grapple with analyzing and basing decisions on petabytes of unstructured data, yet rarely question the authenticity of this data.
Questions the report seeks to answer include: Has my data been tampered with? Is the data source legitimate? How can indisputable proof be offered that data integrity remains intact? And in cases that involve the legal system, how can documents, log files, or audio files be brought to the level where they can be admitted as irrefutable evidence?
These questions take the data integrity argument well beyond the premise and perimeter of IT security matters. Few options exist today that can achieve tamper-proof data security outside of the reliance on third-party certification authorities, or the unwieldy management of a public key infrastructure. What’s required is a way to validate, verify, and self-authenticate the data independently of any third-party agency.
Sponsored by GuardTime, the executive brief details a compelling case for the adoption of Keyless Signatures, explaining how the mathematically-driven system works. The Keyless Signature technology is used to provide indisputable proof of time, origin, and integrity for electronic data.
"The goal of the keyless signature technology is to provide mass-scale, non-expiring data validation while eliminating the need for secrets or other forms of trust, thereby reducing or even eliminating the need for more complex certificate-based solutions, as these are ripe with certificate management issues, including expiration and revocation," the paper explains.
"A keyless signature provides an alternative method to key-based technologies by providing proof and non-repudiation of electronic data using only hash functions for verification. The implementation of keyless signature is done via a globally distributed machine, taking hash values of data as inputs and returning keyless signatures that prove the time, integrity, and origin (machine, organization, individual) of the input data."
"Any client using the keyless signature service can make a request to sign any data item it has access to; a log file, XML file, office document, database record, SWIFT transaction, FPML message, eDiscovery productions, etc. In return, the client will receive a keyless signature which can be stored alongside the signed data, within the signed data, or in a repository separate from the signed data for backup and archival purposes."
By signing the data using GuardTime’s Keyless Signatures, an organization can automatically detect when and where the data was created or transferred, and whether the data has been tampered with. An alert is sent to the customer when an abnormal status is detected.
In this manner, organizations can assure the integrity of data and confirm the location where data exists, providing a full audit trail of data usage and storage in the Cloud.
The report concludes with "The keyless nature of this technology helps reduce the footprint by removing the need for cipher keys and passwords, which arguably can also be lost or mislaid, and since the integrity can be validated by the document owners, the ability to leverage the cloud computing platform places it well for future adoption."
The full report can be found here: http://www.guardtime.com/whitepapers
About GuardTime:
GuardTime was founded with the goal of solving one of the biggest problems in computing: how to be sure electronic data is authentic. GuardTime's Keyless Signatures provide proof of origin and that not a single bit of the data has changed since a specific point in time. The verification of the signatures can be done offline without reliance on keys, secrets, or the existence of a trusted third party. GuardTime's mission is to change the world to one in which Keyless Signatures are ubiquitous and a natural part of the everyday data lifecycle, whether on disk, in transit, or in the Cloud. The company was recently selected as co-winner of the Innotribe $100K Start-Up Challenge, honoring the company as one of the world's most promising financial technology start-ups. Visit http://www.guardtime.com for more information about using Keyless Signatures for signing your data.