Researchers Recommend Data Shuffling Technique To Secure Cloud Activity -- THE Journal

Cloud Computing and SaaS

Researchers Recommend Data Shuffling Technique To Secure Cloud Activity

By Leila Meyer
03/11/14

Researchers at Brown University have developed a data shuffling technique designed to improve the security of data stored in the cloud by hiding usage patterns, which can be analyzed to reveal secret information.

Without data shuffling, snoopers and cloud providers can monitor which files an organization accesses from a cloud service and when, even though the content of those files themselves is encrypted. By tracking that information, along with major events related to the organization, the third parties can figure out what an organization may be doing before that information is made public.

For example, if an organization typically accesses a particular set of files stored at a particular location on the cloud server before announcing a negative earnings report, eavesdroppers can figure out when the organization is preparing to release such a report again. Some programs, such as those for processing bankruptcy proceedings, may also have a recognizable pattern of accessing data. When snoopers detect that pattern, they can deduce that the organization may be preparing to file for bankruptcy.

The data shuffling technique, dubbed the Melbourne Shuffle after a dance move originating in Australia where one of the researchers did her graduate studies, aims to add an extra layer of security to data stored in the cloud. The technique downloads data from the cloud in small chunks, rearranges it, and then uploads it back to the cloud. By repeating the process with different blocks of data, all of an organization's cloud data can be shuffled, so data snoopers can no longer detect patterns.

According to information from the university, "the researchers envision deploying their shuffle algorithm through a software application or a hardware device that users keep at their location. It could also be deployed in the form of a tamper-proof chip controlled by the user and installed at the data center of the cloud provider."

The research paper, "The Melbourne Shuffle: Improving Oblivious Storage in the Cloud," can be found on arXiv.

About the Author

Leila Meyer is a technology writer based in British Columbia. She can be reached at [email protected].

E-Mail this page

Printable Format

Featured

Case Systems Launches Line of K–12 Makerspace Installations

Case Systems recently announced the launch of SALTO, a line of classroom fixtures and installations for K–12 learning spaces like STEM labs, art rooms, and makerspaces. The product line is designed to provide teachers with flexibility and adaptability, enabling them to shift between collaborative and individual learning environments.
New Unified Teams App Brings Together Work, Personal, and EDU Accounts

Microsoft's unified Teams app, in preview since March, is now available for Windows 11, Windows 10 and macOS users.
Rubrik, Okta Partner on AI-Driven Identity Threat Protection

Cybersecurity companies Rubrik and Okta are partnering to offer a new AI-powered identity threat protection solution.
Report: Education Sector a Top Target for Mobile Malware Attacks

Mobile and IoT/OT cyber threats are becoming more targeted and sophisticated across industry sectors, according to a new report from Zscaler.