Application Security // Database Security
11/15/2013
12:00 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Mobile Protoype Encrypts Data First, Ships To Cloud Later

'CloudCapsule' can be used with Dropbox and Google Drive. It locks down files prior to their storage in the cloud for accessing them without a proxy.

Researchers at Georgia Tech have built a prototype that encrypts files before they are sent to the cloud for storage.

The so-called "CloudCapsule" system can be used with cloud storage services, such as Dropbox and Google Drive, for locking down files prior to their storage in the cloud and for accessing them without a proxy. The technology can be used for desktops, laptops, and mobile devices, but the researchers initially have built a prototype for just mobile devices -- specifically, iOS.

"We thought its greatest utility would be in the mobile space," given the explosion in BYOD, says Paul Royal, associate director of the Georgia Tech Information Security Center (GTISC), where the prototype was created. "This lets us combine some of the reasonable process-isolation present in mobile OSes with a seamless and transparent way of encrypting data you want to place into the cloud."

Read the rest of this article on Dark Reading.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-3308
Published: 2015-09-02
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.

CVE-2015-4330
Published: 2015-09-02
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556.

CVE-2015-6274
Published: 2015-09-02
The IPv4 implementation on Cisco ASR 1000 devices with software 15.5(3)S allows remote attackers to cause a denial of service (ESP QFP CPU consumption) by triggering packet fragmentation and reassembly, aka Bug ID CSCuv71273.

CVE-2015-6277
Published: 2015-09-02
The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote...

CVE-2015-6587
Published: 2015-09-02
The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.