Thursday, 8 December 2011 09:44 2341No Commentshttp%3A%2F%2Fblog.q1labs.com%2F2011%2F12%2F08%2Fsecurity-week-excerpt-self-aware-data-smarter-for-sure%2FSecurity+Week+Excerpt%3A+Self+Aware+Data%3F+Smarter+for+Sure.2011-12-08+14%3A44%3A40Melissa+Stevenshttp%3A%2F%2Fblog.q1labs.com%2F%3Fp%3D2341

Posted by Melissa Stevens in Cloud Security, Cybersecurity, In the Industry

What control do you have over data once it leaves  your network?  Do you have any idea where it’s been, or what’s been done to it?

In his latest contribution at Security Week, Chris Poulin ponders the concept of smarter data; data that is self aware.  In an effort to combat security issues with “free-range data”-  issues like lack of access control, identification and tamper-proofing- Poulin suggests that looking at data as an object made up of code, properties and of course, the data itself, would eliminate these security challenges.

He says, “Putting on my developer’s hat, I envision data as an object composed of some sort of universal code, the data, and accompanying properties. To protect the information and code, it could only be run on a system controlled by the data’s owner, perhaps using a method similar to public/private key pairs, and aside from innocuous information about the certificate, everything else is encrypted.

The benefits are manifold: you could revoke access to any individual at any time, self-destruct the data (well, the decryption keys anyway), and implement true data-in-motion DLP, just to name a few. Additionally, you could provide tiered access to the data or properties based on role or user, which would be useful in helping cloud providers make intelligent decision on how to store and handle the data, for example.”

Click here to read the full article, “Self Aware Data? Smarter for Sure,” and share your thoughts on Poulin’s ideas about smarter data.  Is he dreaming big or just dreaming?