Microsoft has announced a research project which aims to increase confidence in the privacy and security of cloud computing initiatives: Verifiable Confidential Cloud Computing, or VC3.
Announced earlier this week during the IEEE Symposium on Security and Privacy, VC3 is designed to add security to existing systems for cloud computing providers which hold sensitive information - such as personally identifiable information or financial records - yet need to make use of that data in some way.
While traditional methods of reversible encryption provide blanket access to the data once it is decrypted for use, VC3 aims to improve privacy and security by creating a 'lockbox' for the decrypted data which is only accessible through secure hardware modules managed by VC3 itself and never by the host hardware or operating system.
'To make the calculations, the client’s data is loaded into the secure hardware in the cloud, where the data is decrypted, processed and re-encrypted,' explained Microsoft's Allison Linn in a blog post regarding the project. 'No one else – including the people who work at the company running the cloud-based service – can see or access the data.'
While VC3 is, at present, a research project - the paper for which is available at the company's research site - Microsoft has real cause for investigating means of boosting privacy on public cloud infrastructure. Its own Azure platform is a money-spinner for the company, while the company is currently fighting a court order demanding it turn over customers' data held on foreign systems to US law enforcement.