Brown U Reseachers Recommend Data Shuffling Technique To Secure Cloud Activity -- Campus Technology

Cloud Computing and SaaS

Brown U Reseachers Recommend Data Shuffling Technique To Secure Cloud Activity

By Leila Meyer
03/11/14

Researchers at Brown University have developed a data shuffling technique that aims to improve security of data stored in the cloud by hiding usage patterns, which can be analyzed to reveal secret information.

Without data shuffling, snoopers and cloud providers can monitor which files an organization accesses from a cloud service and when, even though the content of those files themselves is encrypted. By tracking that information, along with major events related to the organization, the third parties can figure out what an organization may be doing before that information is made public.

For example, if an organization typically accesses a particular set of files stored at a particular location on the cloud server before announcing a negative earnings report, eavesdroppers can figure out when the organization is preparing to release such a report again. Some programs, such as those for processing bankruptcy proceedings, may also have a recognizable pattern of accessing data. When snoopers detect that pattern, they can deduce that the organization may be preparing to file for bankruptcy.

The data shuffling technique, dubbed the Melbourne Shuffle after a dance move originating in Australia where one of the researchers did her graduate studies, aims to add an extra layer of security to data stored in the cloud. The technique downloads data from the cloud in small chunks, rearranges it, and then uploads it back to the cloud. By repeating the process with different blocks of data, all of an organization's cloud data can be shuffled, so data snoopers can no longer detect patterns.

According to information from the university, "the researchers envision deploying their shuffle algorithm through a software application or a hardware device that users keep at their location. It could also be deployed in the form of a tamper-proof chip controlled by the user and installed at the data center of the cloud provider."

The research paper, "The Melbourne Shuffle: Improving Oblivious Storage in the Cloud," can be found on arXiv.

About the Author

Leila Meyer is a technology writer based in British Columbia. She can be reached at [email protected].

E-Mail this page

Printable Format

Featured

Google Intros New Gemini Enterprise Agent Platform

Google Cloud has announced a new platform for building and managing enterprise AI agents, as the company seeks to turn its Gemini models and Vertex AI tooling into a broader system for automating business workflows.
AI Shifts Cybersecurity Focus from Finding Flaws to Fixing Them

For decades, one of cybersecurity's most difficult challenges has been finding vulnerabilities before attackers do. A growing number of security professionals now say artificial intelligence is changing that equation, shifting the focus from discovering flaws to fixing them quickly enough to prevent exploitation.
IBM Announces New AI-Powered Cybersecurity Tools

IBM has announced an expanded portfolio of AI-powered cybersecurity products, positioning the company to compete more aggressively in a rapidly evolving market where enterprises are increasingly turning to artificial intelligence to defend against automated cyber threats.
Apple Introduces Redesigned Siri AI

At its recent Worldwide Developers Conference, Apple introduced Siri AI, a redesigned version of its voice assistant that Apple describes in its own announcement as "a profoundly more capable and personal assistant." The update is intended to make Siri more conversational, more context-aware, and more useful across iPhone, iPad, Mac, Apple Watch, and Vision Pro.