Your data is out there, somewhere – all of your data. Encryption can protect files on your laptop or PC. Storing them on a remote server – such as DropBox is another option. And … well, that’s about it.
So I read with interest a recent article in New Scientist that pointed towards a so-called “third option” for data security.
Dubbed “Cloud Shredder”, this new system is scheduled for launch – at least for Adobe Acrobat and Open Office – this month.
It has been developed, we’re told, by Nan Zhang, a researcher at the Chinese Academy of Sciences, and colleagues.
How will it work?
The Shredder reportedly splits files into two pieces when they’re placed in a Dropbox-style folder. One half remains on your local hard drive, while the other is sent to the cloud.
If your laptop is stolen, you simply delete the cloud part of your data and the thief is left with a hard drive full of junk.
Conceptually, this seems a great way to encourage people to feel more comfortable about storing their confidential files using cloud computing.
People can, and do, store their files using cloud computing at the moment, of course, but there are a number of privacy considerations – not least the question of who else can access your information.
The Shredder system means you will need to bring together the two parts of the file to be able to open and read it. Someone on the internet may be able to see the other part of your file, but they can’t open or read it as they do not have access to the all-important second part, which is on your PC.
Think of it like tearing up a dollar bill and giving another person the other half – the bill’s only of value when the halves meet up again.
The idea of having two parts (or “keys”) to allow access to any of the files that are stored in the cloud is not new.
This is core to the design of the internet, in that secure data is encrypted with a number of “keys” that only allow the sender and recipient to access the data. Anyone intercepting the data cannot read it as it’s coded, and is therefore secure from prying eyes.
Sharing and storing a range of file fragments would be fine if you were to use the same PC or laptop to access your files in the cloud. The obvious logistical challenge comes the minute you want to use another PC to access your cloud files, given that PC will not have the part needed to make the file complete.
There are a number of other considerations to the approach of having parts of your file on your PC and the other parts on the internet:
1) Performance overhead. With one half of your file in the cloud and the other on your PC, each time you update your file and save it, it has to write parts of the file to the internet and the other part to your PC.
The Shredder introduces another layer of software that has to manage the processes of deciding which bits (literally) go where (i.e. to your PC or the cloud).
That would increase the processing time needed for working with the file, and slow things down marginally.
2) Backup and recovery. Files such as PDF, Excel spreadsheets, Word documents and so on can be stored anywhere (a memory stick, your PC, the cloud) as distinct objects, as they are fully encapsulated and complete.
That also means that you have full control over the back-up and restoration of the file in its entirety. If your files were split in half by the Cloud Shredder, how would this be possible?
3) Internet bandwidth and latency. If you are using a file on your local PC, it all runs as fast as your PC, and you are not dependent on how fast your internet connection is.
By having half of your file constantly on the internet, you are at the mercy of the speed of your internet connection. For large files, this may be a problem.
Imagine working on a large spreadsheet – each time you moved from one end of the file to the other, you could be watching the hourglass way more that you’d like to.
3) Emailing files to others. Presumably this would be a problem? The file joining methods would need to be capable of transferring the local PC copy to others via email.
4) Wherever there is a code, security system, key or other encryption method, it will attract keen hackers. The encryption algorithms would need to be fairly robust.
5) Cloud vendor “lock-in”. Presumably your cloud provider would be providing the Shredder capability. If you wish to put your files into another cloud provider’s system, how would this transfer be done without breaching the security?
The Cloud Shredder concept is a good one. The real challenge will be to overcome the range of practical considerations, and to convince everyone it’s robust enough to provide the rigorous security expected by businesses, governments and consumers alike.