11.1.3.1.
There are a few options for in-transit encryption depending on what the cloud platform supports. One way is to encrypt before sending to the cloud (client-side encryption). Network encryption (TLS/SFTP/etc.) is another option. Most cloud provider APIs use Transport Layer Security (TLS) by default; if not, pick a different provider, since this is an essential security capability. Proxy-based encryption may be a third option, where you place an encryption proxy in a trusted area between the cloud user and the cloud provider and the proxy manages the encryption before transferring the data to the provider.
A. Client/Application Encryption, Link/Network Encryption, Proxy-Based Encryption
The three valid options for protecting data as it moves to and within the cloud are:
Client/Application Encryption: Encrypting the data at the client or application level before it is transmitted to the cloud. This ensures that the data remains encrypted during its entire journey to the cloud.
Link/Network Encryption: Encrypting the data as it travels over networks, including the Internet, to prevent unauthorized interception and access. This involves using secure communication protocols such as TLS/SSL.
Proxy-Based Encryption: Using a proxy or intermediary to encrypt and decrypt data as it enters and leaves the cloud environment. This can provide an additional layer of security and control over data flows.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Petza
Highly Voted 1 year, 1 month agobyfener
Most Recent 4 months, 2 weeks agoNJALPHA
9 months agotralala2
1 year, 1 month ago