Azure Active Directory Data Security Considerations
When we talk about the Cloud, encryption is typically not far. There are different challenges with encryption, one of them – besides usability, key management etc – is the loss of functionality.
In other words: If we would assume that we can manage the keys with reasonable efforts and the user is able to use the technology transparently and without real additional effort a few problems would be solved. So, if we then own the keys, we do not care anymore, where the data is located. And we could even have the discussion with the regulator about whether we could move data across the Globe if we keep the key within the country’s borders.
However, there is one caveat we see fairly often: You lose search. Encrypted data cannot be indexed and therefore cannot be searched. Homomorphic encryption would promise a solution there as you can start to do calculations on encrypted data, get an encrypted result without ever having accessed unencrypted data. If this would work, you could generate an encrypted index from encrypted data without decrypting the data first. Sounds like a miracle but it exists.
Today’s biggest challenge with these algorithms is poor performance. They work but are really sloooooooooooooooooooooooooooooooooooooooooooow. Now it seems, that Microsoft Research and Princeton University leapfrogged: Microsoft researchers smash homomorphic encryption speed barrier.
Let’s see but this could solve a lot of problems, once implemented in a product.
Related posts
