9 ways to build privacy into your cloud applications

Privacy is one of those nebulous ideas that everyone loves. Delivering it, though, is a job that’s full of nuance and tradeoffs. Turn the dial too far to one side and the databases are useless. Turn it too far in the other direction and everyone is upset about your plan to install camera arrays in their shower to automatically reorder soap.

The good news is that there is a dial to turn. In the early days, everyone assumed that there was just a switch. One position delivered all of the wonderful magic of email, online ordering, and smartphones. The other position was the cash-only world of living off the grid in a cabin wearing an aluminum foil hat.

Privacy enhancing technologies let you control how much privacy to support but limit that control to preserve functionality. They mix in encryption functions with clever algorithms to build databases that can answer some questions correctly — but only for the right people.

In my book, Translucent Databases, I explored building a babysitter scheduling service that could let parents book babysitters without storing personal information in the central database. The parents and babysitters could get the correct answer from the database, but any attacker or insider with root privileges would get only scrambled noise.

The field has grown dramatically over the years and there are now a number of approaches and strategies that do a good job of protecting many facets of our personal lives. They store just enough information for businesses to deliver products while avoiding some of the obvious dangers that can appear if hackers or insiders gain access.

The approaches all have their limits. They will defend against the most general attacks but some start to crumble if the attackers are better equipped or the attacks are more targeted. Often the amount of protection is proportional to the amount of computation power required for the encryption calculations. Basic protections may not add noticeable extra load to the system, but providing perfect security may be out of reach for even the cloud companies.

Copyright © 2020 IDG Communications, Inc.

Source link