Recent advances in cryptography could mean that future cloud computing services will not only be able to encrypt documents to keep them safe in the cloud–but also make it possible to search and retrieve this information without first decrypting it, researchers say. “This will be a challenging endeavor,” says Dawn Song, a computer scientist at the University of California, Berkeley, who has made fundamental research contributions to using encrypted search strings to find encrypted documents. “However, some of these recent advances are very powerful and, if cleverly engineered and deployed, could lead to significant advances,” in adding security and privacy to cloud computing over the next few years. At the ACM Cloud Computing Security Workshop in Chicago tomorrow, Microsoft Research will propose a theoretical architecture that would stitch together several cryptographic technologies in various stages of development to make the encrypted cloud more … [Read more...] about Searching an Encrypted Cloud
Acm cloud computing security workshop
Cloud computing services, such as Amazon’s EC2 and Google Apps, are booming. But are they secure enough? Friday’s ACM Cloud Computing Security Workshop in Chicago was the first such event devoted specifically to cloud security. Speakers included Whitfield Diffie, a cryptographer and security researcher who, in 1976, helped solve a fundamental problem of cryptography: how to securely pass along the “keys” that unlock encrypted material for intended recipients. Diffie, now a visiting professor at Royal Holloway, University of London, was until recently a chief security officer at Sun Microsystems. Prior to that he managed security research at Northern Telecom. He sat down with David Talbot, Technology Review’s chief correspondent. Technology Review: What are the security implications of the growing move toward cloud computing? Whitfield Diffie: The effect of the growing dependence on cloud computing is similar to that of our dependence on public … [Read more...] about How Secure Is Cloud Computing?
Cloud computing presents inherent privacy dangers, because the cloud provider can see a customer’s data and leased computational apparatus, known as “virtual machines.” New research suggests that as long as the cloud can see things, it might as well check that its customers aren’t running malicious code, new research suggests. Researchers at IBM’s Watson Research Center in Yorktown, NY, and IBM’s Zurich Research lab have developed a system for cloud computing “introspection monitoring,” in which elements of the cloud would act as a kind of virtual bouncer. They’d frisk virtual machines to check what operating systems they’re using, whether they are running properly, and whether they contain malicious code, such as root-kits. “It works by looking inside the virtual machine and trying to infer what it does. You don’t want malicious clients to give you all kinds of malware in their virtual machines that you will … [Read more...] about Self-Policing Cloud Computing
Big Data SC Conference Program, are designed to complement the regular Technical Papers Program. Previously featured as Masterworks, Plenary and State-of-the-Field talks, the SC15 talks are combined under the single banner of “Invited Talks.” This November’s Invited Talks will feature leaders in the areas of high performance computing, networking, analysis and storage.According to the SC15 Web site, “Invited Talks will typically concern innovative technical contributions and their applications to address the critical challenges of the day. Additionally, these talks will often concern the development of a major area through a series of important contributions and provide insights within a broader context and from a longer-term perspective. At all Invited Talks, you should expect to hear about pioneering technical achievements, the latest innovations in supercomputing and data analytics, and broad efforts to answer some of most complex questions of our … [Read more...] about Spotlighting Leaders in HPC, Networking, Analysis and Storage
Research released last week fingered the iPhone as the source of a text messaging exploit that could be used to steal sensitive information from smartphone users or work mischief on their hardware.The flaw, revealed by a well-known security researcher and jailbreaker of iPhones, involves the "reply to" line in SMS messages.In its analysis of the SMS flaw, AdaptiveMobile, a mobile security company, found that Android, Windows Mobile, BlackBerry and Symbian phones either ignore the "reply address" field or display both the originating and the reply addresses in the message. In all cases, it isn't possible to automatically reply to a message using "reply to."The iPhone displays only the "reply to" address. So a text message can be sent from one address but appear to be sent from another.Most handsets now ignore "reply to," but Apple has left a significant vulnerability in its handsets which could allow consumers to be fooled and hand over personal details to hackers and criminals, … [Read more...] about SPOTLIGHT ON SECURITY Security Sleuths Lay Blame on Apple for SMS Vulnerability