Rawpixel - Fotolia

Microsoft hails cloud security breakthrough with encrypted data

Microsoft researchers talk up cloud security breakthrough that allows encrypted data to be processed without prior decryption

An easier and secure way has been found for encrypted data to be processed and worked on in the cloud without having to be decrypted first, according to Microsoft researchers.

The researchers’ proposed Secure Data Exchange (SDE) protocol is based on the principles of the secure multi-party computation approach to cryptography. Its design allows third parties to carry out computations on encrypted, cloud-stored data and share their results.

“None of the parties will learn anything about the data beyond what they already know and what will be revealed by the function output,” a research paper authored by the group states.

“The data stored in the cloud can be used repeatedly for an arbitrary number of interactions.”

The breakthrough could lower the cost of scientific research, preserving data privacy while the information is being worked on, the Microsoft research team said.

Cloud security

It also has ramifications for the security of data stored in the cloud, as it negates the need for decryption to take place, making it harder for malicious agents to get hold of usable data, according to the team.

The research paper sets out a number of hypothetical use cases for the protocol within the pharmaceutical, healthcare and machine learning industries. The researchers stressed that it will allow organisations to securely sample anonymised medical data before they buy it.

This type of data is typically expensive to procure, the paper said, so a pharma company needs to be assured the information is high quality and likely to prove useful.

“Current solutions used in practice require substantial and costly litigation to preserve the interests of each party, while still typically failing to preserve full privacy,” the paper said.

“In some scenarios anonymisation procedures end up causing the resolution of the data to decrease so much that a significant part of its value is lost in the process.”

Read more about cloud security

In a blog post, outlining the economic benefits of the method, Microsoft said that using the cloud will enable data owners to retain full control over how much information is revealed during exchanges.

“It’s a research project for now. But the team aims to publicly release the library, or tools, needed to implement the secure data exchange in the near future,” the blog post stated.

Read more on Infrastructure-as-a-Service (IaaS)