Brown U Reseachers Recommend Data Shuffling Technique To Secure Cloud Activity -- Campus Technology

Cloud Computing and SaaS

Brown U Reseachers Recommend Data Shuffling Technique To Secure Cloud Activity

By Leila Meyer
03/11/14

Researchers at Brown University have developed a data shuffling technique that aims to improve security of data stored in the cloud by hiding usage patterns, which can be analyzed to reveal secret information.

Without data shuffling, snoopers and cloud providers can monitor which files an organization accesses from a cloud service and when, even though the content of those files themselves is encrypted. By tracking that information, along with major events related to the organization, the third parties can figure out what an organization may be doing before that information is made public.

For example, if an organization typically accesses a particular set of files stored at a particular location on the cloud server before announcing a negative earnings report, eavesdroppers can figure out when the organization is preparing to release such a report again. Some programs, such as those for processing bankruptcy proceedings, may also have a recognizable pattern of accessing data. When snoopers detect that pattern, they can deduce that the organization may be preparing to file for bankruptcy.

The data shuffling technique, dubbed the Melbourne Shuffle after a dance move originating in Australia where one of the researchers did her graduate studies, aims to add an extra layer of security to data stored in the cloud. The technique downloads data from the cloud in small chunks, rearranges it, and then uploads it back to the cloud. By repeating the process with different blocks of data, all of an organization's cloud data can be shuffled, so data snoopers can no longer detect patterns.

According to information from the university, "the researchers envision deploying their shuffle algorithm through a software application or a hardware device that users keep at their location. It could also be deployed in the form of a tamper-proof chip controlled by the user and installed at the data center of the cloud provider."

The research paper, "The Melbourne Shuffle: Improving Oblivious Storage in the Cloud," can be found on arXiv.

About the Author

Leila Meyer is a technology writer based in British Columbia. She can be reached at [email protected].

E-Mail this page

Printable Format

Featured

Stanford Online Launches Immersive Learning Studio

Stanford Online recently marked its 30th anniversary with the announcement of a new immersive learning studio, according to a university news release. The studio takes advantage of AI-powered and immersive learning technologies to continue delivering personalized and faculty-led education.
OpenAI to Combine AI Products into Desktop 'Superapp'

OpenAI is reportedly developing a desktop application that would combine several of its emerging AI products into a single platform, according to reports, marking the latest step in the company's effort to transform ChatGPT from a standalone chatbot into a broader productivity and automation environment.
Microsoft Intros New Agentic AI Security Multi-Model Defense System

A new multi-model agentic AI security system built by Microsoft's Autonomous Code Security team helped researchers find 16 new vulnerabilities across the Windows networking and authentication stack, the company anounced in a recent security blog post.
AI, Identity, and Speed: Cybersecurity Priorities for Higher Ed

Fortinet Security Operations Specialist Jason Palm explains how AI is raising new security challenges for higher education, requiring stronger governance, identity protection, threat detection, automation, and incident readiness.