lundi 20 janvier 2014

Watch out Accumulo: IBM wins patent for fully homomorphic encryption


Decision makers are breaking down information silos to gain a better view of their companies and customers, but successfully implementing analytics at an organizational level is much easier said than done. In a world of tight budgets, CIOs seeking to tap into data from multiple sources have to meet performance objectives and keep risks in check, all while keeping apace with a fast changing technological landscape. The cloud presents a cost-effective alternative to traditional on premise Hadoop clusters, but entrusting mission-critical information to a third party introduces a whole new set of challenges.

These are the use cases IBM is looking to simplify with fully homomorphic encryption, a newly patented technology that makes it possible to process encrypted data without decrypting it first. Aside from closing the door on hackers, the innovation could also lighten the compliance burden on enterprises – especially those operating in regulated industries – by ensuring that data scientists can’t access sensitive information.

Craig Gentry, an IBM researcher and the co-inventor of the patent, said in a statement that “our patented invention has the potential to pave the way for more secure cloud computing services – without having to decrypt or reveal original data. Fully homomorphic encryption will enable companies to confidently share data and more easily and quickly overcome challenges or take advantage of emerging opportunities.”

Fully homomorphic encryption holds the same premise as is complimentary to the approach popularized by Accumulo, an open source NoSQL database that leverages cell-level security to provide granular control over user access to Big Data. Sqrrl, the Massachusetts-based NSA spinoff that distributes the platform, recently raised $5.2 million in Series A financing from Atlas Venture and Matrix Partners to hire more engineers and address growing demand from enterprise clients.

Update 12/30/13:

In an email exchange, SiliconANGLE communicated with Sqrrl co-founder Ely Kahn who explained the differences between what IBM has announced and Accumulo’s approach. Specifically, Kahn told us Sqrrl is actually excited about homomorphic encryption because not only does it shine more light on the issue of security but it’s a powerful technique. According to Kahn, homomorphic encryption allows computations to be done over encrypted text– in other words,  analytics (for example) can be performed on the encrypted data without decrypting first (decrypting adds overhead and increases security threats). Kahn explained that with homomorphic encryption, only the result needs to be decrypted, providing greater levels of protection and efficiency.

Regarding the IBM announcement, Kahn told SiliconANGLE that IBM is a close partner of Sqrrl and Sqrrl Enterprise has a pluggable encryption architecture where it can support a variety of different encryption algorithms.  “Perhaps one day customers will be using IBM’s homomorphic encryption on data stored in Sqrrl Enteprise,” said Kahn.

Kahn bristled at the suggestion that Homomorphic encryption threatens Accumulo saying “Sqrrl Enterprise’s cell-level security capabilities have nothing to do with encryption.  The cell-level security capabilities refer to our ability to apply fine-grained access controls to the data. Homomorphic encryption does not replace the need for strong authentication and authorization controls.”

According to Kahn, cell-level security is a technique that enables organizations to be selective in who sees which pieces of information. Homomorphic encryption enables computations to be done in an encrypted environment. Both promote better security and better information sharing, but for very different use cases and in different ways.

Earlier this year, one example of a high profile use case for cell-level security was reported by SiliconANGLE regarding NSA's PRISM database, which uses Accumulo to store and safeguard cell phone metadata. According to Wikibon Chief Analyst Dave Vellante, “In the past nine months, interest in Big Data security has exploded. Two years ago the Big Data digerati hardly talked about security. Now with real systems going into production, combined with the Snowden leaks, the Big Data community is realizing that security can’t be an afterthought; rather it needs to be designed in from the start.”



By: Maria Deutscher
Link: http://siliconangle.com/blog/2013/12/26/watch-out-accumulo-ibm-wins-patent-for-fully-homomorphic-encryption/

Aucun commentaire:

Enregistrer un commentaire