New data leakage prevention technology in cloud computing environments.
Fujitsu Laboratories Limited today announced the development of security technology that enables confidential data to be safely shared among different computing clouds.
With the advent of cloud computing, the boundary separating internal and external data has become increasingly blurred due to the utilization of external services. As a result, existing methods of preventing data leakage, such as only using a gateway to block the outflow of confidential data, have become insufficient, and there is increased demand for new security technology to allow the safe use of confidential data even in the cloud.
Fujitsu has developed new cloud information gateway technology that masks confidential information contained within data before it is processed in the cloud and that transfers applications from the cloud to inside the company for internal processing, thereby making it possible to utilize cloud services without transmitting actual data. This technology enables users to safely utilize confidential data in the cloud, encouraging new uses of cloud computing, such as cross-industry collaborations and specialized uses in specific industries.
Details of this technology will be presented at Computer Security Symposium 2010 (CSS2010), to be held starting October 19 in Okayama Prefecture, Japan.
With the rapid adoption of cloud computing-based services, an increasing number of users are expected to employ clouds to safely utilize confidential data as part of cross-industry collaborations. Currently, users have to choose between the confidentiality offered by private networks and the convenience offered by the cloud, but increasingly they will have to entrust clouds with confidential data.
Until now, Fujitsu Laboratories has developed technology to prevent the unwanted disclosure of various data, including preventing leaks from paper-based materials and data stored in USB memory devices. In anticipation of the age of cloud computing, however, new technology to prevent information leaks is becoming necessary.
Existing techniques for preventing information leaks include encryption and the blocking of the outflow of confidential data before it reaches a company’s external boundary. In the age of cloud computing, however, the boundary separating internal and external data has become increasingly blurred due to the utilization of external services. As a result, services cannot be employed if a user simply blocks or encrypts classified data. Furthermore, such methods would make it impossible for multiple companies to securely use each other’s data in the cloud.
With the newly developed cloud gateway, confidential data can be securely handled in the cloud without users or application developers having to take special precautions to guard data confidentiality. Depending on the circumstances, data can either be masked or the cloud-based processing application will be executed in-house, and therefore confidential data are not physically transferred to the cloud. Because the information gateway limits data flowing into or out of the cloud, movements of data in the cloud traffic flows can be made visible, and it is possible to block the transfer or copying of data to unintended destinations. These functions will be essential for cases in which private data are being handled in the cloud or for collaborations in which multiple organizations are developing new products.