Apparatus and method to automatically choose encryption level for data in cloud environment

IP.com Disclosure Number: IPCOM000237175D
Publication Date: 2014-Jun-06
Document File: 8 page(s) / 172K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is an apparatus and method that automatically enables data encryption at different levels according to the data's meta-information and the entity relationships extracted from the data itself.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 47% of the total text.

It is important to encrypt data before putting it in a place that is vulnerable to hackers. A file-upload process may be initiated when a user wants to store files in a remote cloud or private cloud for backup or sharing. Typically, uploaded files are encrypted to some extent unless the owner decides to share them with the public. For example, symmetric encryption (reference 1) applied to a user account or to specific files is commonly used as the basic method. For data with a high level of security concern, asymmetric encryption, also called public-key cryptography (reference 2), is used. However, neither symmetric nor asymmetric encryption is applied during computation, which is the main security topic of the public cloud. To resolve this issue, a homomorphic encryption scheme, which is recognized as the methodology to resolve the security concern of the public cloud, was proposed by Craig Gentry on June 25, 2009. However, the performance of homomorphic encryption has been the biggest barrier to commercializing it publicly.

Although the importance of encryption for confidential data is commonly known, not all files in a data cloud need the highest level of encryption, because on a personal computer or in an enterprise data center many files are not really important or do not have high security requirements. For instance, an open-source Linux OS distribution that can be downloaded anytime, anywhere does not need to be encrypted.

The problem here is how to decide whether a file or a piece of data should be encrypted.

How can common users be helped to decide automatically what they should encrypt, and at which encryption level?

A common user may choose to encrypt all files at the highest encryption level, which is very computation-intensive.

A user may misunderstand the security principles or unknowingly upload confidential files to a public cloud.

Users with different skill levels may apply the same description to different content; such misunderstandings always make the situation worse and impact a company's integration.

Disclosed is an apparatus and method that automatically enables data encryption at different levels according to the data's meta-information and the entity relationships extracted from the data itself. Every file or data block has metadata (http://en.wikipedia.org/wiki/Metadata). For files whose formats are recognizable, the readable content is extracted and processed so that the entity relationships in the content can be recognized; this can be implemented using NER, mentioned in reference 5. With the files' entity relationships recognized, files in an enterprise environment can be clustered by specific keywords or entity relationships. Once the classifications of files are decided and with the extractions of confidential keyw...
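
The selection flow described above, as an added example that is not part of the disclosure: regular expressions stand in for the NER step, and the keyword list, metadata keys (`license`, `public`), tier rules and sample files are all assumptions constructed for illustration. Content signals are checked before metadata, so a confidential file that is marked public is still encrypted.

```python
import re
from dataclasses import dataclass, field

# Regex stand-in for the NER step (constructed patterns, not a real NER model).
ENTITY_PATTERNS = {
    "PERSON": re.compile(r"\b(?:Mr|Ms|Mrs|Dr)\. [A-Z][a-z]+"),
    "MONEY": re.compile(r"[$€£]\s?\d[\d,]*(?:\.\d+)?"),
}
# Hypothetical keyword list and metadata values; a deployment would supply its own.
CONFIDENTIAL_KEYWORDS = ("confidential", "salary", "password")
OPEN_LICENSES = {"GPL", "MIT", "Apache-2.0"}

@dataclass
class FileRecord:
    name: str
    text: str = ""                                # readable content; empty if format unrecognized
    metadata: dict = field(default_factory=dict)  # e.g. {"license": "GPL", "public": True}

def entity_labels(line):
    """Return the set of entity types found in one line of text."""
    return {label for label, pat in ENTITY_PATTERNS.items() if pat.search(line)}

def has_sensitive_relationship(text):
    """A person and an amount in the same line count as a related pair."""
    return any({"PERSON", "MONEY"} <= entity_labels(line) for line in text.splitlines())

def choose_level(rec):
    """Map one file to 'none', 'symmetric' or 'asymmetric' (tier rules are assumptions)."""
    lowered = rec.text.lower()
    if has_sensitive_relationship(rec.text) or any(k in lowered for k in CONFIDENTIAL_KEYWORDS):
        return "asymmetric"      # content signals override any "public" metadata
    if rec.metadata.get("public") or rec.metadata.get("license") in OPEN_LICENSES:
        return "none"            # e.g. a freely downloadable Linux distribution
    return "symmetric"           # baseline, also used when nothing could be extracted

# Constructed sample files.
SAMPLES = [
    FileRecord("distro.iso", metadata={"license": "GPL"}),
    FileRecord("offer.txt", "Dr. Chen will receive $120,000 per year."),
    FileRecord("agenda.txt", "Dr. Chen chairs the meeting.\nBudget: $500 for catering."),
    FileRecord("flyer.txt", "Internal salary bands attached.", {"public": True}),
]

if __name__ == "__main__":
    for rec in SAMPLES:
        print(f"{rec.name:12} -> {choose_level(rec)}")
```

The `agenda.txt` sample contains both entity types but on separate lines, so it stays at the baseline tier; only a related pair raises the level.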