Although cloud computing promises numerous benefits, including lower costs, rapid scaling, easier maintenance, and ubiquitous availability, a key challenge is how to protect users’ data in the cloud. Today, users effectively lose control of their data in the cloud, and if either the cloud infrastructure or applications are compromised, users’ privacy will be at risk. The ubiquitous concern over cloud data privacy demands a paradigm shift, such that users can retain control of their data in the cloud, and verify that the cloud providers have correctly enforced their privacy policies.
In this talk, I will describe several enabling technologies towards this vision. Specifically, I will talk about 1) how to safeguard users’ data against potentially compromised applications; 2) how to safeguard users’ data against a potentially compromised computation provider; and 3) how to safeguard users’ data against a potentially compromised storage provider. I will also talk about our ongoing effort at integrating these technologies to provide a cloud infrastructure which offers data protection at the platform level. In this way, users can benefit from the rich cloud applications without worrying about the privacy of their data; and application developers can focus on developing functionality while offloading the burden of providing security and privacy to the cloud platform.
Elaine Shi is a research scientist at University of California, Berkeley. She obtained her Ph.D. and Masters in Computer Science from Carnegie Mellon University, and her B.E. from Tsinghua University. Previously, she was also a Member of Research Staff at Palo Alto Research Center (PARC).
Elaine is broadly interested in the general area of security, privacy, and applied cryptography. In her research, she takes a unique approach where she combines theoretic innovations with practical system design and implementation. Her research spans a wide range of topics, including computation on encrypted data, privacy-preserving data mining, system security, sensor network and vehicular network security, usable authentication, secure storage systems, and so on. She has published more than 35 scholarly publications, and her work has received more than 2000 citations. Aside from security and privacy, Elaine is also interested in data mining. In particular, she and her team won the IJCNN/Kaggle Social Network Challenge in 2011.