- Forrester Councils
- Councils Overview
- log in
Posted by Andrew Rose on December 20, 2011
As much as the cloud computing model makes sense to me, my security sensibilities cry out about information risk every time I start to consider actual implementation for data of value across an enterprise.
A model which has always made sense has been to place only encrypted data in the cloud, holding the keys locally. This solution gives you control over data access, bypassing any Patriot Act concerns, but allows realization of the benefits of a shared, cloud infrastructure. It has always been recognized, however, that this solution has a number of drawbacks, such as:
In 2009 an IBM cryptographer named Craig Gentry wrote a PhD dissertation describing a solution to the second of these challenges, unfortunately it too had a drawback – his homomorphic encryption solution would increase transaction times by a factor of one trillion.
MIT have now, however, outlined a simpler solution to the problem. CryptDB seeks to address the same challenges but claims to add only 25% to the transaction time. I’m sure it’s not perfect, but it is a positive step toward answering a difficult question and cloud vendors should be interested in how such a feat of encryption wizardry can enable a wider adoption of their services.
Lead BT Transformation
Develop customer-obsessed strategies to drive growth »
Forrester's CX Index
Predict how actions to improve CX will affect revenue performance.
Measure the customer experiences that matter most »