Currently, so-called “cloud” technologies are becoming increasingly popular. Cloud technologies provide remote access to computing resources or data without substantial expense for the computer infrastructure of a company (i.e., the client of the cloud technology service). Typically, the client only needs to have a constant Internet connection to gain access to a cloud service. In general, there are several types of cloud services—private cloud services, public cloud services, and a hybrid of the two. A private cloud service is designed for a particular company or group of persons and essentially constitutes a dedicated network with resources, whereas a public cloud service provides access to its resources to all connected clients. A hybrid cloud service combines both of these approaches and enables a more flexible construction of the computer infrastructure of a company.
Not surprisingly, companies that produce antivirus software are also interested in cloud technologies. In particular, due to the growth in the number of malicious programs and the techniques for their distribution, the need has arisen for a new approach to protect users other than the constant releasing of antivirus databases, which, in turn, are not insured against possible mistakes due to inadequate testing time, as well as due to the possibility of the companies producing antivirus solutions concealing the decision making (i.e. malware detection) logic in the cloud service.
One of the examples of cloud technologies in the field of computer security is Kaspersky Security Network (KSN). Very generally stated, the algorithm of its operation is as follows: the user sends a request to a cloud service to check an unknown file or link and receives a reply in the form of a “safe” verdict or “dangerous” verdict. In practice, the technology is much more complicated than this example, and its various implementations have been described in U.S. Pat. Nos. 7,640,589 and 8,732,836, for example, both of which are also assigned to the assignee of this application.
Cloud technologies also have a drawback due to the fact that when the technologies are used in corporate networks, data may be involved (e.g., data on an unknown file, such as digital signature, size, title, and the like) whose use/access by a third party might be forbidden. As a result, the network administrator may prevent the transmission of such data and/or refuse the use of such a technology, since it may run counter to confidentiality policies existing in the organization, also known as DLP (“Data Leak Prevention”) policies.
In light of such an issue, there are certain proposed solutions to make data anonymous or for a more flexible setup of a cloud service. For example, in one proposed solution, data can be anonymously transmitted, such that the service can be set up for a particular user. Moreover, in order to make use of antivirus cloud technologies, it is important to preserve a balance between the level of detection of malicious programs and attacks (i.e., the quality of the antivirus services provided) and the level of compliance with secrecy (i.e., privacy) involving the checking of the data being sent.
Analyzing the existing solutions reveals that these technologies are often ineffective and, in certain circumstances, unusable.