1. Field
The present invention relates generally to data encryption and, more particularly, to a system and method of seamlessly encrypting data files before uploading them to a public cloud storage system, while still maintaining the ability to search, access, manipulate and share the data files.
2. Related Art
With the proliferation of mobile computing, virtual offices and a general “computing on the go” culture, usage of cloud-based content management services like Box Drive®, DropBox®, Google Drive®, etc., has grown tremendously in recent years. The various online productivity features that may use no software installations, along with the “easy sharing” and “access from anywhere” nature of cloud applications, are driving up the use of these cloud-based content management applications within enterprises. As a result, vast amounts of corporate data are migrating to these services in the cloud. However, one pertinent issue that is a growing concern is that of privacy (and security) of data residing in the cloud. Data privacy and security regularly rank amongst the top concerns for businesses, especially if the business is in a regulated industry and/or makes significant innovations and has a lot of sensitive and proprietary information to manage.
In spite of these concerns for data security, there is a surprising lack of support for enforcing data privacy in cloud-based content management applications across the board. The owner has to practically hand over his/her data to the service provider in order to get any meaningful service. Traditional data storage systems have acknowledged the need for greater security for data from malicious entities and, as a result, have implemented a variety of measures for securing data at rest. From relational database management systems (RDBMS) and network attached storage (NAS) appliances to tape drives and PC hard drives, vendors today support granular data encryption. They have also integrated suitable frameworks for encryption-key management and policy-based access control. However, when the database administrators themselves are not trusted by data owners (as is the case for public-cloud platforms), some other mechanism for data encryption is required that protects the data without affecting its usability in the cloud.