In traditional systems, client-side operating systems are employed to manage relationships between users, software applications, and hardware within a client machine, as well as that resident upon a connected intranet. In most cases, files and other data are locally stored within the resident computer or upon a secure intranet. Thus, security of data can be manageable since the data is most often limited to locally accessible and restricted data stores.
However, the conventional computing paradigm is beginning to shift as maintaining security, indexing data, and the like on each client device can be quite expensive. As network connectivity has continued to improve, it has become apparent that a more efficient computing model includes lightweight (e.g., inexpensive) clients that continuously communicate with third-party computing devices to achieve substantially similar end results when compared to the conventional computing paradigm. In accordance with this architecture, the third-party can provide a ‘cloud’ of data, devices and services, such that requests by several clients can simultaneously be serviced within the cloud without the user noticing any degradation in computing performance.
Cryptography refers to a conversion of data into a secret code for transmission over a public network. In order to secure data transmission, the original text, or ‘plaintext,’ is converted into a coded equivalent called ‘ciphertext’ via a proprietary encryption algorithm. Subsequently, to restore the data to a readable form, the ciphertext can be decoded or decrypted at the receiving end to restore the data into plaintext.
Generally, proprietary encryption algorithms use a key, which is typically a binary number from 40 to 128 bits in length. The ‘cipher strength’ is a function of the number of bits. For example, the greater the number of bits in the key, the more possible key combinations and, thus, the longer it would potentially take to break the code. The data is encrypted, or ‘locked,’ by mathematically combining the bits in the key with the data bits. At the receiving end, the key is used to ‘unlock,’ or decrypt, the code to restore the original data.
Conventionally, there are two cryptographic methods, ‘symmetric’ and ‘public-key’ cryptography. The traditional symmetric method uses a secret key, such as the DES standard. In accordance with symmetric cryptography, both sender and receiver use the same key to encrypt and decrypt. Symmetric key algorithms are generally faster than other cryptographic methods, but these methods sometimes involve transmitting a secret key to the recipient which can be difficult and sometimes not secure.
The second method is public-key cryptography, such as RSA, which uses both a private and a public key. Each recipient has a private key that is kept secret and a public key that is published for everyone. The sender employs the recipient's public key and uses it to encrypt the message. Upon receipt, the private key can be used to decrypt the message. In other words, because owners do not have to transmit their private keys to anyone in order to decrypt messages, the private keys are not in transit and are not vulnerable.