Fujitsu Looks to Protect Privacy While Searching Encrypted Data
Fujitsu Laboratories has created a technology that company officials said enables organizations to perform batch searches of encrypted data while it's still encrypted, a capability that would enhance the privacy of the information.
The technology is based on homomorphic encryption, which lets users perform computations on confidential and encrypted data without having to unecrypt it during the process, according to Fujitsu officials. What the vendor is doing is leveraging homomorphic encryption to create a technology that lets the users also perform batch searches of the data, which means that organizations not only can run calculations and analyses on the encrypted data, but also better search it.
It's a key step in ensuring that businesses can get the most out of sensitive encrypted data that is stored in the cloud, officials said.
Fujitsu will present details on the technology at its Fujitsu North America Technology Forum 2014, which starts Jan. 22 in Mountain View, Calif. In addition, officials will present it at the Symposium on Cryptography and Information Security (SCIS 2014) starting Jan. 21 in Japan.
Fujitsu Labs engineers will continue working on the technology and are aiming to get it on the market next year. They are looking to find a balance between protecting the security of personal information while enabling the data to be used in a fashion that doesn't violate privacy expectations.
In a statement announcing the unnamed technology, company officials noted that cloud-based storage and big data analysis are becoming more prominent, with services being offered to such organizations as health care facilities. In such industries where issues like privacy, compliance and security are extremely important, the concern about exposure of private information is high.
Fujitsu Lab technicians have been working on technologies designed to help organizations gain the benefits of cloud computing and big data without endangering the privacy of the data. Studies continue to show that privacy and security are key concerns businesses and other organizations have when considering moving data into a cloud environment.
In a survey issued last month, QuinStreet Enterprise—the publisher of eWEEK, CIO Insight and IT Business Edge, to name a few—found that compliance and security were the top concerns when talking about cloud computing and data center modernization. Sixty-one percent cited compliance and security as the keys, with inadequate budgets and backup recovery speed coming in second and third.
Fujitsu officials said there already are several ways for searching data that's encrypted, but those methods are limiting. Organizations must use pre-registered searchable keywords and can use what Fujitsu called "freeform searching." In addition, using these methods, search results are unencrypted, which carries the possibility that the unencrypted search results could end up being disclosed on the search engine.
These methods also take a lot of time, according to Fujitsu officials.
With Fujitsu's new batch search method, the speed of the search for matches of encrypted data is accelerated, with the new technology being able to search 16,000 encrypted characters in a second. Users also can conduct the batch searches without pre-generated searchable keywords. The vendor is leveraging the private calculation functions in homomorphic encryption to enable the batch search process to find matches between the search key and encrypted character string. In addition, the search results are encrypted and can be read only by someone with a decryption key, company officials said.
With this technology, the source data, search key and search results are all encrypted.
The technology is aimed at such privacy-centric industries as health care, the sciences and education, though it will do well wherever data privacy is critical.