Microsoft Research Explores Secure Cloud Data Exchanges
Microsoft researchers hope that one day organizations won't have to sacrifice usability for security when jointly working with encrypted data in the cloud.Encrypting data is an effective and time-tested way of keeping sensitive or confidential information out of the hands of unauthorized users and hackers. The problem, at least in scenarios involving partners or multiple parties, is that encryption can stand in the way of unearthing new insights and making scientific breakthroughs. The solution seems simple; decrypt the data and allow trusted party access to the information. However, as Microsoft Research writer John Roach blogged on Aug. 9, decrypting data can make it vulnerable to a breach. And for some institutions, like health and genetic research organizations, a breach can be devastating. Microsoft is proposing a new way of working with encrypted data using a cloud-based secure exchange. "New research from Microsoft aims to unlock the full value of encrypted data by using the cloud itself to perform secure data trades between multiple willing parties in a way that provides users full control over how much information the exchange reveals," Roach wrote. The exchange is based on multiparty computation, where calculations using data from two or more parties fail to reveal the specifics of each individual's data.
Roach gives an example of a situation where a group of employees wants to know how their salaries rank without revealing how much they are paid to the group. The group enlists a trusted colleague with the information, who calculates the average salary, delivers it to the group and forgets the details. The employees can then see how their pay stacks up.