Title
Development of Cloud Computing Security Algorithms using Quantum Cryptography Criteria /
Author
Mohammad, Omer Abd-Al Kareem Jasim.
Preparation committee
Researcher / Omer Abd-Al Kareem Jasim Mohammad
Supervisor / Abdel-Badeeh M. Salem
Supervisor / El-Sayed M. El-Horbaty
Supervisor / Safia Abbas
Publication date
2015.
Number of pages
215 p. :
Language
English
Degree
Doctorate
Specialization
Computer Science (miscellaneous)
Date of approval
1/1/2015
Place of approval
Egyptian Universities Libraries Consortium - Computer Science
Only 14 pages are available for public view

Abstract

The contributions of this dissertation can be briefly summarized as follows.
8.1.1 Cloud Computing Concerns
Cloud computing is an emerging trend in distributed computing that is very useful in present day-to-day life. It uses the internet and central remote servers to provide and maintain data as well as applications. End users can use such applications over cloud communications without any installation. Moreover, cloud users' data files can be accessed and manipulated from any other computer using internet services. Despite the flexibility of data and application access that cloud computing environments provide, many questions remain about how to obtain a trusted environment that protects data and applications in the cloud from hackers and intruders. Consequently, a set of critical security properties, such as privacy, confidentiality, integrity, availability, traceability, and reliability, must be provided. The improvement of cloud computing technology is therefore reinforced by the improvement of modern encryption algorithms and key management mechanisms. This dissertation presented the CCCE, which entails both QAES and QCaaS, aiming to provide a more flexible and secure communication environment, improve the performance of the encryption/decryption process, support more secure data transmission using less computational time, and solve the problem of key management.
8.1.2 Cloud Computing Cryptographic Algorithm
Since the current Quantum Cloud environment depends on the QAES algorithm and the cryptographic service, it protects users' data from hacking as much as possible. The QAES algorithm is constructed by combining an enhanced version of AES with the QKD system. AES was selected and developed after a comparative analysis of two categories of algorithms (symmetric and asymmetric) using various input file sizes, as shown in Chapter 3. This analysis was performed on an experimental cloud environment. Accordingly, we concluded that the AES encryption algorithm enjoys certain advantages over the others, especially with respect to the speed of the encryption process. Moreover, the AES algorithm has proven effective against hacking attacks. However, it suffers from the key distribution problem and is vulnerable to quantum attacks. Accordingly, in Chapter 5, a new symmetric quantum encryption algorithm was introduced, implemented and discussed. The study shows that the QAES development and design do not contradict the security of the AES algorithm, since all the mathematical criteria remain unchanged. The experimental results and the analysis show that the QAES produces more complicated, unbreakable keys that are harder for attackers to predict than the keys generated by the AES. Moreover, the speed of encryption of the QAES is slightly higher (0.11 milliseconds) than that of the AES, not counting the computation time of key generation. The strength of the QAES lies in its ability to generate a high ratio of independence between DQS-Boxes. This ratio aids in achieving a more secure environment against most types of cryptanalysis attacks. The proposed algorithm was prepared as an installer package that is installed and configured on the innovative cryptographic service (QCaaS).
8.1.3 Key Management in Quantum Cloud Environment
Encrypting data before sending it to the cloud is a common and simple way to protect data privacy. Although the encryption algorithms are public, information encrypted under these algorithms is secure because the key used to encrypt the data remains secret. As a result, key management is a critical element in cloud computing. In a cloud environment, key management means the ability to correctly assign, secure, monitor, and distribute keys among the cloud instances and cloud-user machines.
Accordingly, Chapter 4 presents QKD as an alternative to the traditional key distribution protocols. QKD is an emerging technology for cryptographic key generation and distribution, developed to solve key management in cloud computing. This study implements the QKD–BB84 protocol in two different modes, with and without attack influences, based on a holistic simulation. The results obtained under various configurations, such as the length of the initial qubit string, the noise level and attack influences, are then discussed. Such configurations have direct effects on the length of the obtained key and the time required for key generation. This study reveals that QKD can be integrated with different security applications or modern encryption algorithms through different integration modes (see Chapter 5). The randomness of the generated bits was then measured with a suite of randomness tests under the two modes used in the implementation, the raw mode and the privacy mode. The raw mode tests the randomness of bits generated by the raw key extraction phase; the privacy mode tests the randomness of bits generated by the privacy simplification. In raw mode, although the P-value indicates true randomness of the generated RK, the Serial and Cumulative tests show that a balanced state cannot be achieved in the random series due to unexpected noise. On the other hand, high randomness can be obtained in privacy mode due to the key distillation phases it entails, such as ER, KR and PA. Using QKD for key management opens up an entirely new approach to secure and flexible key management based on an unconditionally secure mechanism.
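As an added illustration (not code from the dissertation), the following Python simulation runs BB84 sifting with and without an intercept-resend eavesdropper and reports the sifted key length and the quantum bit error rate (QBER) that the two parties use to detect the attack. The function names, the fixed seed, the bit-flip noise model and the 11% abort threshold are assumptions of this example.

```python
import random

def bb84(n_qubits, noise=0.0, eavesdrop=False, seed=1):
    """Simulate BB84 up to sifting; return (sifted_key_length, qber)."""
    rng = random.Random(seed)  # fixed seed so runs are reproducible
    alice_key, bob_key = [], []
    for _ in range(n_qubits):
        bit, a_basis = rng.randint(0, 1), rng.randint(0, 1)
        state_bit, state_basis = bit, a_basis
        if eavesdrop:
            # Intercept-resend: Eve measures in a random basis and re-sends
            # her result, which disturbs the state when her basis is wrong.
            e_basis = rng.randint(0, 1)
            if e_basis != state_basis:
                state_bit = rng.randint(0, 1)
            state_basis = e_basis
        if rng.random() < noise:
            state_bit ^= 1  # assumed noise model: channel flips the bit
        b_basis = rng.randint(0, 1)
        # Measuring in the wrong basis gives Bob a uniformly random bit.
        b_bit = state_bit if b_basis == state_basis else rng.randint(0, 1)
        if a_basis == b_basis:  # sifting keeps matching-basis positions
            alice_key.append(bit)
            bob_key.append(b_bit)
    errors = sum(a != b for a, b in zip(alice_key, bob_key))
    qber = errors / len(alice_key) if alice_key else 0.0
    return len(alice_key), qber

def accept_key(qber, threshold=0.11):
    """Abort the session when the QBER exceeds the assumed threshold."""
    return qber <= threshold

def sweep(lengths=(500, 2000, 8000), noise=0.02):
    """Rows of (n_qubits, eavesdrop, sifted_len, qber, accepted)."""
    rows = []
    for n in lengths:
        for eve in (False, True):
            length, qber = bb84(n, noise=noise, eavesdrop=eve)
            rows.append((n, eve, length, round(qber, 3), accept_key(qber)))
    return rows

if __name__ == "__main__":
    for row in sweep():
        print(row)
```

About half of the initial qubits survive sifting, so the key length scales with the initial qubit count, while an intercept-resend attacker pushes the QBER toward 25% and the session is rejected.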
8.1.4 Cryptographic Service and Access Control
In Chapter 6, the QCaaS is presented as a core contribution that enhances cloud computing security and gives cloud users more control over managing their VMs. The QCaaS solves the key generation, key distribution and key management problems through the two implemented negotiation modes. Since the QCaaS is assigned to the two communicating parties (cloud user and CSP), it enjoys many advantages, such as:
- Serving the cloud-user secure communication and protecting their sensitive data,
- Verifying and monitoring the identity of the original user depending on qcloud.net and Kerberos authentication function,
- Deploying an encryption service with each VM,
- Achieving the encryption/decryption processes using QAES.
Generally, in Quantum Cloud, privileged operations are traditionally performed by the administrator of qcloud.net. Building a new subdomain, increasing the authority of a cloud user, domain migration, and management of cloud instances are examples of such operations.
8.1.5 CCCE Roles
In light of the above, CCCE enjoys certain advantages over other cloud computing environments [52, 53, 56], especially with respect to the generation of the secret key used in the encryption/decryption process. It can be considered the first cloud environment that integrates both the CSP principles and the quantum cryptography criteria. CCCE shows that the availability and reliability of secret key generation can be easily achieved in two modes, online and offline. In addition, CCCE provides more secure data transmission by provisioning secret keys among the cloud's instances through the innovative cryptographic service QCaaS. CCCE handles heavy computing processes that cannot be executed on a personal computer alone. Finally, a cloud data encryption platform based on quantum technology dispels all security fears about cloud data transmission.
8.2 Future Works
The future works that are related to the topic of this dissertation can be briefly recommended as follows:
- Deploying the CCCE system on public cloud environments such as Google Cloud Platform and Amazon EC2, and generalizing the CCCE idea beyond the field of personal data transfer.
- Adding a trusted third party (TTP) to handle key management in the cloud environment. Such a party depends on the quantum cipher to solve the problem of key generation and management, and helps to avoid the coverage distance problem that arises in the QKD system.
- Deploying the CCCE system on the Grid computing environment in order to generalize the system to most computing paradigms.
- Integrating the CCCE into the health cloud computing field, such as the Health Insurance Portability & Accountability Act (HIPAA), in order to protect electronic health records (EHR).
- Developing a new cryptographic benchmark that includes all modern cryptographic algorithms (symmetric and asymmetric) and deploying it in the cloud environment to provide Encryption as a Service (EaaS) on demand.