數據存儲在云端有多安全？

張海濱

As cloud storage becomes more common， data security is an increasing concern. Companies and schools have been increasing their use of services like Google Drive for some time， and lots of individual users also store files on Dropbox， Box， Amazon Drive， Microsoft OneDrive and the like. Theyre no doubt concerned about keeping their information private—and millions more users might store data online if they were more certain of its security.

Data stored in the cloud is nearly always stored in an encrypted form that would need to be cracked before an intruder could read the information. But as a scholar of cloud computing and cloud security， Ive seen that where the keys to that encryption are held varies among cloud storage services. In addition， there are relatively simple ways users can boost their own datas security beyond whats built into systems they use.

Who holds the keys？

Commercial cloud storage systems encode each users data with a specific encryption key. Without it， the files look like gibberish—rather than meaningful data.

But who has the key？ It can be stored either by the service itself， or by individual users. Most services keep the key themselves， letting their systems see and process user data， such as indexing data for future searches. These services also access the key when a user logs in with a password， unlocking the data so the person can use it. This is much more convenient than having users keep the keys themselves.

But it is also less secure： Just like regular keys， if someone else has them， they might be stolen or misused without the data owner knowing. And some services might have flaws in their security practices that leave users data vulnerable.

Letting users keep control

A few less popular cloud services， including Mega and SpiderOak， require users to upload and download files through service-specific client applications that include encryption functions. That extra step lets users keep the encryption keys themselves. For that additional security， users forgo some functions， such as being able to search among their cloud-stored files.

These services arent perfect—theres still a possibility that their own apps might be compromised or hacked， allowing an intruder to read your files either before theyre encrypted for uploading or after being downloaded and decrypted. An encrypted cloud service provider could even embed functions in its specific app that could leave data vulnerable. And， of course， if a user loses the password， the data is irretrievable.

One new mobile app says it can keep phone photos encrypted from the moment theyre taken， through transmission and storage in the cloud. Other new services may arise offering similar protection for other types of data， though users should still be on guard against the potential for information to be hijacked in the few moments after the picture is taken， before its encrypted and stored.

Protecting yourself

To maximize cloud storage security， its best to combine the features of these various approaches. Before uploading data to the cloud， first encrypt it using your own encryption software. Then upload the encoded file to the cloud. To get access to the file again， log in to the service， download it and decrypt it yourself.

This， of course， prevents users from taking advantage of many cloud services， like live editing of shared documents and searching cloud-stored files. And the company providing the cloud services could still modify the data， by altering the encrypted file before you download it.

The best way to protect against that is to use authenticated encryption. This method stores not only an encrypted file， but additional metadata that lets a user detect whether the file has been modified since it was created.

Ultimately， for people who dont want to learn how to program their own tools， there are two basic choices： Find a cloud storage service with trustworthy upload and download software that is open-source and has been validated by independent security researchers. Or use trusted open-source encryption software to encrypt your data before uploading it to the cloud; these are available for all operating systems and are generally free or very low-cost.

云存儲日益普及，人們也越來越關注數據安全。一段時間以來，眾多公司和學校越來越多地使用谷歌云盤這類服務，很多個人用戶也把文件存儲在多寶箱、Box網盤、亞馬遜云盤、微軟網盤等云服務器上。用戶無疑要關注個人信息的私密性，人們要是確信云端存儲的安全性，可能還會有數以百萬計的用戶在線存儲數據。

云端的數據絕大多數是以加密形式存儲的，入侵者若要讀取信息，必須先解密數據。我是云計算和云安全領域的學者，而我卻發現密鑰的保管地點因云存儲服務商而異。此外，除了云服務商提供的系統安全措施外，用戶還有一些相對簡單的辦法來增強數據的安全性。

密鑰由誰保管？

商業云存儲系統使用特定密鑰為每位用戶的數據加密。沒有密鑰，用戶文件看起來只是亂碼，而非有意義的數據。

那么由誰保管密鑰呢？密鑰或由服務方保管，或由個人用戶方保管。大部分服務商會自己保管密鑰，以便系統查看和處理用戶數據，如為將來的檢索做數據索引。用戶使用密碼登錄時，這些服務商也同時獲得密鑰，從而解鎖數據供該用戶使用。這種方式遠比讓用戶保管密鑰方便得多。

但這種方式的安全性要差些：和普通鑰匙一樣，要是別人也有一把，那么在主人不知情的情況下，鑰匙可能會被盜或誤用。有些服務商的安全措施可能還存在漏洞，致使用戶的數據易受攻擊。

讓用戶掌有控制權

包括Mega和SpiderOak在內的幾個比較小眾的云服務商要求用戶使用有加密功能的、針對特定服務開發的客戶應用程序來上傳和下載文件。這個額外的步驟使用戶可以自己保管密鑰。額外的安全性是用戶犧牲部分功能換來的，如在云存儲文件中檢索的功能。

這些服務也并非完美無瑕，客戶應用程序也可能被盜用或被攻擊，使入侵者可在用戶加密上傳數據之前或下載解密之后讀取文件。加密云服務供應商在其特定應用中嵌入的功能甚至會讓數據易受攻擊。而且，一旦用戶丟失密碼，數據是不可找回的。

一款新的手機應用宣稱，從照片拍攝開始到其在云端的傳輸、存儲，手機照片始終處于加密狀態。為其他數據形式提供類似保護的新服務也可能會出現，但用戶還是應該保持警惕，在照片拍攝后、加密和存儲之前的片刻，信息都有被劫持的可能。

自我保護

為了最大化云存儲的安全性，我們最好是能把這幾種方法的特點結合起來。數據上傳之前，先用自己的加密軟件給數據加密，然后再把加密過的文件上傳到云端。再次獲取文件時，登錄云服務，下載后自行解密。

當然，這么做會妨礙用戶利用許多云服務提供的功能，如在線編輯共享文件和查找云存儲文件等。而且，云服務供應商仍然可以在你下載之前通過變更加密文件來修改數據。

最好的防范措施是使用驗證加密。這個方法不僅存儲了加密文件，還另外存儲了元數據，能讓用戶看出文件在創建后是否有被修改過。

最后，給那些不想學習如何編程加密工具的人提供兩個基本選擇：找一個云服務商，其用于上傳和下載的軟件安全可靠，不僅開放源代碼，而且通過了獨立安全研究人員的驗證;或使用值得信賴的開源加密軟件，在你把數據上傳至云端前給數據加密——所有操作系統都支持這兩種方法，而且一般不收費或只收取極少費用。

（譯者為“《英語世界》杯”翻譯大賽獲獎者）