Challenge: Big data originates from multiple endpoints and often contains a large amount of personal data, and that makes the task of securing big data not only a privacy issue but a legal one as well.
Solution: To control the visibility of big data in the cloud, organizations can either limit access to the system in which the data is stored or protect the data itself with cryptography. While both methods have their benefits, the CSA concludes that encrypting data end-to-end creates a smaller attack surface.
Cryptography, the CSA notes, is a great security enhancer yet is not without its own complications. To be successful, cryptography methods must ensure that adversaries cannot identify corresponding plaintext by looking at ciphertext. In addition, they shouldn't be able to learn anything about the encrypted data (besides whether the predicate was satisfied) or forge data that did not come from the source.
To overcome these vulnerabilities, the cryptographic protocol must defend against threats by a reduction argument or simulation argument.