A graduate student from the University of California, Merced (UC Merced) recently developed an encryption system designed for smart phones that send and retrieve sensitive data from cloud services.
UC Merced’s website reports that Mehdi Bahrami, a student in the School of Engineering, created an efficient encryption system that allows private data, such as pictures and documents, to be safely stored in one or more clouds. Bahrami claims that unlike most encryption systems available today, his takes up minimal storage data on a smartphone and uses less energy.
Bahrami developed the system under the guidance of Professor Mukesh Singhal of the engineering school. Working in UC Merced’s “Cloud Lab” program (which is sponsored by Microsoft), the two conducted research into improving cloud services such as storage and security.
“Data privacy can be violated by the cloud vendor, the vendor’s authorized users, other cloud users, unauthorized users or external, malicious entities,” Bahrami said. “Encryption is one way to protect and maintain the data privacy of cloud-stored data, but encryption methods have been expensive for mobile devices.”
Bahrami and Singhal claim that many cloud users are not fully aware of where their data goes or who has access to it. Even after clicking “yes” to a cloud’s terms of agreement, users often fail to find out the details of their data’s privacy.
“Mehdi’s technique for protecting the privacy of ‘data in motion’ and ‘data at rest’ is one of the most efficient,” Singhal said. “Mehdi’s method will have a significant impact on how mobile devices, such as smartphones, iPads, smart watches, etc., protect data when communicating and working with clouds.”
Bahrami, an accomplished electronics engineer, is a member of the Institute of Electrical and Electronics Engineers (IEEE) and was the editor-in-chief of the Journal of Soft Computing and Software Engineering.
He recently presented his system at a conference at UC Berkeley and is set to deliver more talks at Stanford University and UCLA.
Of the various industries interested in the encryption, the medical field is perhaps most in need of reliable methods of delivering and storing patient information safely. Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), medical providers are required to ensure the privacy of all patient data before sending, receiving, or storing it online.
Of course, fields outside of medicine are also anxious for encryption systems under the cloud, as hacking and leak cases have continued to pile up over recent years. In 2013 alone, roughly 47% of businesses lost data under the cloud and were forced to retrieve the lost data from backups. Moreover, traditional methods of file transfer, such as email, tend to be outdated in that they cannot send files over a certain size, something many users today find limiting. Most email providers, for example, can only support up to 10 MB of content.
Bahrami hopes to make his system available for commercial use soon, which he feels will make mobile security less expensive and more efficient than current systems.