Encrypting data in the cloud brings win for Texas

The University of Texas' Brent Waters receives a $200,000 Microsoft fellowship

For his work on the foundations of a new way of encrypting data, Brent Waters from the University of Texas in Austin has been elected as one of this year's Microsoft Research Faculty Fellows.

Waters' main research interests are in cryptography and computer security. His work addresses the increasing trend toward cloud computing, and he is looking to lay the foundations for a new model to secure data stored in the cloud.

Third-party data centers where companies store their data have been high-value targets for attackers, Waters said. To prevent customer data from being leaked it should be stored in encrypted form only. "The problem is that traditional encryption systems do not work with many cloud applications," he said. They were designed only for sharing and exchanging data between single known users.

That traditional approach does not meet the needs of an enterprise storing data in the cloud that should be shared by huge groups of users, particularly if some users do not even exist in the system at the time the data is encrypted. For instance, a sales person could be hired after data he or she needs for work is being encrypted and saved in a cloud data center.

Waters wants to solve problems like this with so-called functional encryption. "It is a totally different vision for encryption," he said. Unlike traditional encryption where data is encrypted to individual users, with functional encryption one would embed certain access predicates directly into the ciphertext, Waters said.

These predicates would also be attributed to users depending on their access rights to certain data, Waters said. A sales person, for instance, would have credentials different from those of a manager. "If someone gets a certain attribute at a later time he will also be able to get access to the data," Waters said. This means an employee being promoted to a higher position would get new attributes and then be able to gain access to data available to managers only.

Waters said the system would be secure against so-called colluding users. If two people with different credentials tried to use them in combination to access encrypted data not available for people in their position, they would not get access, he said.

Waters' vision is that this principle of functional encryption could one day work with any function. A possible application would be in image encryption, Waters said. With this it would, for example, be possible to partially decrypt a picture of a group of people. Only a user who has been identified by facial recognition software could then see exactly the part of the image that shows him. "At the moment we cannot do this, but I believe we will be able to someday," Waters said.

Waters said he was proud of the fellowship. "The interview process was very challenging and getting the grant for unrestricted use means they trust you and believe in your work," he said.

Waters said he has not decided yet how he'll spend the US$200,000 grant coming with the Microsoft fellowship. He said maybe he would use a part of it to fund a sabbatical leave. "I enjoy doing research at the University of Texas at Austin and I like teaching -- but it would be great to clear my schedule for maybe a year to have time to think and work closely with some researchers in California I have a special relationship with," he said.

Waters received his Ph.D. and Master of Arts in computer science from Princeton University in 2004 and 2002, respectively. In 2000 he finished his Bachelor of Science in computer science at the University of California, Los Angeles.

Join the CSO newsletter!

Error: Please check your email address.

Tags popular scienceMicrosoft

More about MicrosoftWaters Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Nicolas Zeitler

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place