Ensuring data privacy in the cloud
Cloud computing infrastructure is critical to the modern economy, but its increasingly widespread use for storing and processing sensitive personal data is raising privacy and security fears. An EU-funded consortium is redesigning cloud architectures to put privacy at the heart of distributed data management.
© andranik123 - fotolia.com
The SafeCloud project is addressing pressing concerns about the safety, integrity, security and privacy of data being shared, stored and processed on the geographically dispersed computing systems that make up cloud infrastructure. Frequent data breaches by cyber-criminal groups and state-backed actors as well as incidents of unauthorised information-gathering by governments underscore the need for significant improvements in data storage approaches especially as increasingly sensitive information, from banking data to medical records, is being stored online.
The problem is being compounded by legal issues related to the domains where data is physically located, processed and transmitted, often outside the legal jurisdiction of its rightful owner.
Focusing especially on sensitive personal data, as defined in the EU General Data Protection Regulation, the SafeCloud team is developing an innovative two-pronged approach to protect and secure information in the cloud.
On the one hand, data storage is partitioned in multiple administrative domains that make it difficult for someone to bring it together to access meaningful information. The strategy allows sensitive information to be protected by design. In addition, the data is entangled with interdependencies that make it very difficult to tamper with its integrity.
These two core features of the SafeCloud architecture partitioning and entanglement are applied holistically across the entire data-management stack. The approach enables secure communication, trustworthy storage and private data processing.
Recognising that there is no one-size-fits-all solution for modern cloud computing needs, the approach gives users full control over the domains where their data is partitioned and allows them to select different degrees of entanglement, to finely balance functionality, privacy, performance and scalability.
Successful trials of the architecture and the underlying technologies developed so far in the project have led two of the partners, Portuguese research institute INESC TEC and the University of Neuchâtel in Switzerland, to set up a spin-off company to exploit the results. SafeCloud Technologies is currently offering products ranging from consumer-grade software applications to enterprise-grade secure database systems.