The potential benefits of cloud computing are amazing. Imagine for example
your medical records being in the cloud, accessible immediately from anywhere in
an emergency...
But wait a minute. What if the cloud is not secure? Already there have been a
couple of instances where a cloud was hacked, or where there was a sustained
loss of service. The cloud represents a single point of failure, and thus must
not be allowed to fail. And what about privacy - you don't want anyone and
everyone poking around in your medical records. The solution here is encryption,
but a particularly sophisticated type of encryption. For example you might want
your medical records to be completely available to you and your surgeon, and
partially available to your GP and nurse, and somewhat available to your medical
insurer. What's wanted in fact is known as "Attribute-Based Cryptography", where
your access to the data depends on who you are and what attributes you have.
Well cometh the hour cometh the solution. As often happens in research, in a
completely seperate development from cloud computing, mathematicians have
recently come up with the perfect solution to the problem of attribute-based
cryptography, based on the mathematics of "pairing-based cryptography". Previous
efforts floundered on the problem of "collusion attacks". Say one needs
attribute A and attribute B to access certain data. I have attribute A only, you
have attribute B only, each of us individually does not have sufficient
attributes to access the data, but if the two of us get together... The new
methods prevents this. This is a very hot research area.
If you want to read more, see
http://eprint.iacr.org/2010/565
and
http://ece.wpi.edu/~mingli/papers/Li_SecureComm10.pdf
But academics having solved a problem do not linger long on it. There are
other problems of interest. Unfortunately commercial exploitation of such ideas
is often delayed, as knowledge of these new techniques is not widespread.
Here is another problem of particular interest to an Irish audience -
Electronic Voting. We in Ireland dabbled with it before but the proposed
method then was totally insecure. Ideally we would like to encrypt each vote and
yet still be able to count it. However normally you can't do maths (like
counting) on encrypted data. The solution is "homomorphic cryptography". Google
for it. We don't quite have a perfect solution for it yet, but we are getting
there... Another fascinating and hyperactive research area.
No comments:
Post a Comment