张海滨
As cloud storage becomes more common, data security is an increasing concern. Companies and schools have been increasing their use of services like Google Drive for some time, and lots of individual users also store files on Dropbox, Box, Amazon Drive, Microsoft OneDrive and the like. They're no doubt concerned about keeping their information private—and millions more users might store data online if they were more certain of its security.
Data stored in the cloud is nearly always stored in an encrypted form that would need to be cracked before an intruder could read the information. But as a scholar of cloud computing and cloud security, I've seen that where the keys to that encryption are held varies among cloud storage services. In addition, there are relatively simple ways users can boost their own data's security beyond what's built into systems they use.
Who holds the keys?
Commercial cloud storage systems encode each user's data with a specific encryption key. Without it, the files look like gibberish—rather than meaningful data.
But who has the key? It can be stored either by the service itself, or by individual users. Most services keep the key themselves, letting their systems see and process user data, such as indexing data for future searches. These services also access the key when a user logs in with a password, unlocking the data so the person can use it. This is much more convenient than having users keep the keys themselves.
But it is also less secure: Just like regular keys, if someone else has them, they might be stolen or misused without the data owner knowing. And some services might have flaws in their security practices that leave users' data vulnerable.
Letting users keep control
A few less popular cloud services, including Mega and SpiderOak, require users to upload and download files through service-specific client applications that include encryption functions. That extra step lets users keep the encryption keys themselves. For that additional security, users forgo some functions, such as being able to search among their cloud-stored files.
These services aren't perfect—there's still a possibility that their own apps might be compromised or hacked, allowing an intruder to read your files either before they're encrypted for uploading or after being downloaded and decrypted. An encrypted cloud service provider could even embed functions in its specific app that could leave data vulnerable. And, of course, if a user loses the password, the data is irretrievable.
One new mobile app says it can keep phone photos encrypted from the moment they're taken, through transmission and storage in the cloud. Other new services may arise offering similar protection for other types of data, though users should still be on guard against the potential for information to be hijacked in the few moments after the picture is taken, before it's encrypted and stored.
Protecting yourself
To maximize cloud storage security, it's best to combine the features of these various approaches. Before uploading data to the cloud, first encrypt it using your own encryption software. Then upload the encoded file to the cloud. To get access to the file again, log in to the service, download it and decrypt it yourself.
This, of course, prevents users from taking advantage of many cloud services, like live editing of shared documents and searching cloud-stored files. And the company providing the cloud services could still modify the data, by altering the encrypted file before you download it.
The best way to protect against that is to use authenticated encryption. This method stores not only an encrypted file, but additional metadata that lets a user detect whether the file has been modified since it was created.
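The following sketch is an added example, not code from the article or from any service it names. It shows the encrypt-before-upload flow with an authentication tag stored next to the ciphertext, so that a blob altered while in storage is rejected on download. The names `seal`, `open_sealed` and `TamperedError` are hypothetical, and the HMAC-based keystream is a standard-library stand-in (an assumption made so the example runs offline) for the vetted AEAD mode a real encryption tool would use.

```python
import hashlib
import hmac
import os

class TamperedError(Exception):
    """Raised when the stored tag does not match (modified blob or wrong password)."""

def _derive_keys(password: bytes, salt: bytes):
    # One password, two independent keys: one for encryption, one for the MAC.
    k = hashlib.pbkdf2_hmac("sha256", password, salt, 200_000, dklen=64)
    return k[:32], k[32:]

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode; illustration-only stand-in for AES-CTR or ChaCha20.
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(password: bytes, plaintext: bytes) -> bytes:
    """Return salt || nonce || ciphertext || tag, ready to upload."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _derive_keys(password, salt)
    ct = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    header = salt + nonce
    # Encrypt-then-MAC: the tag covers the header and the ciphertext.
    tag = hmac.new(mac_key, header + ct, hashlib.sha256).digest()
    return header + ct + tag

def open_sealed(password: bytes, blob: bytes) -> bytes:
    """Verify the tag first; decrypt only if the blob is unmodified."""
    if len(blob) < 64:
        raise TamperedError("blob too short")
    header, ct, tag = blob[:32], blob[32:-32], blob[-32:]
    enc_key, mac_key = _derive_keys(password, header[:16])
    expected = hmac.new(mac_key, header + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise TamperedError("file was modified after encryption, or wrong password")
    return _xor(ct, _keystream(enc_key, header[16:], len(ct)))

if __name__ == "__main__":
    blob = seal(b"constructed passphrase", b"constructed sample file contents")
    print(open_sealed(b"constructed passphrase", blob))
```

The tag is the "additional metadata" the paragraph above refers to: without the password-derived MAC key, whoever stores the blob cannot produce a matching tag for altered ciphertext.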
Ultimately, for people who don't want to learn how to program their own tools, there are two basic choices: Find a cloud storage service with trustworthy upload and download software that is open-source and has been validated by independent security researchers. Or use trusted open-source encryption software to encrypt your data before uploading it to the cloud; these are available for all operating systems and are generally free or very low-cost.
(The translator is a prizewinner in the "English World" Cup (《英语世界》杯) translation contest.)