How to secure the cloud

August 1, 2014 by Angela Herring, Northeastern University
With support from the National Science Foundation, cryptography expert Daniel Wichs, an assistant professor in the College of Computer and Information Science, will work as part of a multi-university team to develop better encryption techniques to improve cloud security.

For many of us, the primary reason we use "the cloud" is for storage—whether it's storing email through services like Gmail and Yahoo!, photos on Flickr, or personal documents on Dropbox. Many organizations like hospitals and banks utilize the cloud to store data on patient and customer information.

But there's also a computational side to the cloud that comes into play when, say, we search for an old email or perform complex analyses of large volumes of data stored there.

Regardless of the scenario, it's clear that precious personal information is stored in the cloud, and we'd like to think it's secure up there. Enter Daniel Wichs, an assistant professor in the College of Computer and Information Science. He is part of a multi-university research team that is working to make sure the cloud is as secure as possible. The project is supported by a grant project announced Thursday by the National Science Foundation's Secure and Trustworthy Cyberspace program and is a part of a larger NSF effort to support foundational cybersecurity research and education.

The collaborative "Frontier" project includes researchers from Northeastern, Boston University, the Massachusetts Institute of Technology, and the University of Connecticut. The team will deploy and test the mechanisms they develop in this project using the Massachusetts Open Cloud—a partnership of state government, industry, and universities including Northeastern that is designed to create a new public cloud computing marketplace to help spur innovation.

"We're developing tools at all levels of the system," said Wichs, a cryptography expert who will focus his efforts on this area of the project.

"Encryption," he explained, "is a procedure we've been thinking about basically since the dawn of time, but we've only had good ways of doing it since the 70s." Until recently, even the best encryption strategies were limited when it comes to cloud computation, he said, adding that "The problem is that standard ways of encrypting data render it useless. Once encrypted, there is no way to perform any computation over it."

Patient data is a prime example. If a hospital wants to conduct large-scale analyses on this information, it is limited to looking at local computers because federal Health Insurance Portability and Accountability Act, or HIPAA, laws prevent it from sharing private details about patients with external entities. The hospital can easily store encrypted patient information, but it can't utilize the increased computational powers of external computers to analyze it because encryption prevents that possibility.

In recent years, a new method for computing on has come about that has the potential to change all that. "I can send you encrypted data, you run the and then send me back the encrypted answer," Wichs explained. "I can decrypt the answer because I have the secret key, but you never learn anything."

This breakthrough presents great promise, but the approach is still too inefficient to be widely useful, Wichs said. With this grant, Wichs will try to change that. By developing new theoretical methods for encrypting data and performing computations on that data, he hopes to provide a new level of security to cloud-based computing.

"We want to take a standard program and convert it to work on encrypted data," he said. Prior approaches needed to first convert the program into a much less efficient circuit representation before being able to evaluate it on encrypted . Wichs is working to build new encryptions schemes that can evaluate standard programs directly.

The research project aligns with Northeastern emphasis on use-inspired research that solves global challenges, particularly in the areas of security, health, and sustainability.

Explore further: Expanding the breadth and impact of cybersecurity and privacy research

Related Stories

Advancing privacy and security in the cloud

December 24, 2013

IBM inventors have received a patent for a breakthrough data encryption technique that is expected to further data privacy and strengthen cloud computing security.

Recommended for you

World's biggest battery in Australia to trump Musk's

March 16, 2018

British billionaire businessman Sanjeev Gupta will built the world's biggest battery in South Australia, officials said Friday, overtaking US star entrepreneur Elon Musk's project in the same state last year.

1 in 3 Michigan workers tested opened fake 'phishing' email

March 16, 2018

Michigan auditors who conducted a fake "phishing" attack on 5,000 randomly selected state employees said Friday that nearly one-third opened the email, a quarter clicked on the link and almost one-fifth entered their user ...

Origami-inspired self-locking foldable robotic arm

March 15, 2018

A research team of Seoul National University led by Professor Kyu-Jin Cho has developed an origami-inspired robotic arm that is foldable, self-assembling and also highly-rigid. (The researchers include Suk-Jun Kim, Dae-Young ...


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.