Design and Implementation of a Dockerized, Cross Platform, Multi-Purpose Cryptography as a Service Framework Featuring Scalability, Extendibility and Ease of Integration
{"title":"Design and Implementation of a Dockerized, Cross Platform, Multi-Purpose Cryptography as a Service Framework Featuring Scalability, Extendibility and Ease of Integration","authors":"A. Merdan, H. Aslan, Nashwa Abdelbaki","doi":"10.1109/ESOLEC54569.2022.10009317","DOIUrl":null,"url":null,"abstract":"Following cybersecurity standards nowadays is becoming one of the highest priorities to the digital specialists. Due to the global direction to apply digital transformation, data security is a concern. It becomes crucial to ensure data confidentiality, integrity, and availability whether while transmitting, at rest or even while processing it. The difficulty being faced by organizations, is the challenge of applying the needed security measures. Also, implementing, and maintaining the cryptographic algorithms that ensure the wellness of the data encryption. Having a crypto library or a server that can fit multiple use-cases is either too costly to implement, or expensive to buy (including licensing options, per user/server/year…etc.). The goal of our work is to identify the data protection challenges, by implementing a solution that could match a theoretical hypothesis of having cryptography as a service framework. The term “as a service” has been promoted lately due to its capabilities to provide a ready-made solution by the vendors to satisfy their customer base. In this paper, we are proposing a framework that works cross-platform with ease. It is a scalable, extendible solution with multiple hosting options, from an on-premises hosting to cloud hosting. The proposed framework is implemented and evaluated. The results show that the proposed framework can efficiently process enormous amounts of data. In addition, it could be easily accessed by standard HTTPS requests using JSON format. Also, proving the used deployment technique, we were able to evaluate it on-premises and on cloud with the same allocated resources, getting matching results.","PeriodicalId":179850,"journal":{"name":"2022 20th International Conference on Language Engineering (ESOLEC)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 20th International Conference on Language Engineering (ESOLEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ESOLEC54569.2022.10009317","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Following cybersecurity standards nowadays is becoming one of the highest priorities to the digital specialists. Due to the global direction to apply digital transformation, data security is a concern. It becomes crucial to ensure data confidentiality, integrity, and availability whether while transmitting, at rest or even while processing it. The difficulty being faced by organizations, is the challenge of applying the needed security measures. Also, implementing, and maintaining the cryptographic algorithms that ensure the wellness of the data encryption. Having a crypto library or a server that can fit multiple use-cases is either too costly to implement, or expensive to buy (including licensing options, per user/server/year…etc.). The goal of our work is to identify the data protection challenges, by implementing a solution that could match a theoretical hypothesis of having cryptography as a service framework. The term “as a service” has been promoted lately due to its capabilities to provide a ready-made solution by the vendors to satisfy their customer base. In this paper, we are proposing a framework that works cross-platform with ease. It is a scalable, extendible solution with multiple hosting options, from an on-premises hosting to cloud hosting. The proposed framework is implemented and evaluated. The results show that the proposed framework can efficiently process enormous amounts of data. In addition, it could be easily accessed by standard HTTPS requests using JSON format. Also, proving the used deployment technique, we were able to evaluate it on-premises and on cloud with the same allocated resources, getting matching results.