Are cloud communication protocols secure?

There’s security and there’s security. While a hacker might not break the encrypted communication directly, that doesn’t mean there aren’t other ways.

03/02/2012


Dear Control Engineering: I was reading the article about networking protocols, and there is a statement that Skype, and by implication, other cloud technologies, are secure. Is this true?

Yes, it is if you are specific about what means exactly. Let’s digress for a moment and consider a historical parallel. Back during WWII, the German armed services used a device called an Enigma machine that encrypted messages sent by radio using Morse code. While the allies were able to intercept the radio traffic, without breaking the code, they were unable to understand the messages. So, there were enormous efforts to find ways to break the process. Those stories are fascinating and you can read them elsewhere, but successes usually came as a result of sloppy radio operators or largely brute force methods to simply try every possible key using early electro-mechanical computers.

Modern encryption is far more complex. The AES (advanced encryption standard) used with most communication on the Internet can employ a 256-bit key which would require 2200 operations to break by brute force. So it isn’t possible to decode the information by intercepting the transmission. That doesn’t mean it is secure necessarily. A determined hacker will simply find another way, and that probably means getting the message by going after one of the people that is sending or receiving. Even if the code is unbreakable, if someone breaks into my computer from outside, he or she can likely see the same information I can. My security depends on how well I protect the information once it is decoded. Using my earlier analogy, it would be like looking over the radio operator’s shoulder and seeing the message in plain text before it’s encoded.

Peter Welander, pwelander@cfemedia.com



The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by Control Engineering subscribers. Vote now (if qualified)!
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
HMI effectiveness; Distributed I/O; Engineers' Choice Award finalists; System Integrator advice; Inside Machines
Women in engineering; Engineering Leaders Under 40; PID benefits and drawbacks; Ladder logic; Cloud computing
Robotic integration and cloud connections; SCADA and cybersecurity; Motor efficiency standards; Open- and closed-loop control; Augmented reality
Programmable logic controllers (PLCs) represent the logic (decision) part of the control loop of sense, decide, and actuate. As we know, PLCs aren’t the only option for making decisions in a control loop, but they are likely why you’re here.
This digital report explains how motion control advances and solutions can help with machine control, automated control on assembly lines, integration of robotics and automation, and machine safety.
This article collection contains several articles on how advancements in vision system designs, computing power, algorithms, optics, and communications are making machine vision more cost effective than ever before.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

Control room technology innovation; Practical approaches to corrosion protection; Pipeline regulator revises quality programs
Cloud, mobility, and remote operations; SCADA and contextual mobility; Custom UPS empowering a secure pipeline
Infrastructure for natural gas expansion; Artificial lift methods; Disruptive technology and fugitive gas emissions
Automation Engineer; Wood Group
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
click me