One thing you don't elaborate is reduction of the metadata attack surface by reducing the amount of exposed metadata. In a messaging model, the only thing that needs to be exposed "to the cloud" is the destination locator, and possibly a random-ish (perhaps a hash of the content) message tag. See the Crowcroft SNA idea previously referenced on this list.
Note that one can certainly envision an onion-routing model here that could further obfuscate peer linkages "within the cloud". Especially with randomized timing. On Oct 20, 2013 5:57 PM, "Cullen Jennings" <[email protected]> wrote: > > I've been thinking about how to build cloud collaborations systems where > the data is encrypted and the cloud does not have the keys. Very interested > in hearing others thoughts on how to do this. > > Near the end is a list of things that it would be helpful if the IETF > standardized. > > http://www.ietf.org/id/draft-jennings-perpass-secure-rai-cloud-00.pdf > > Cullen > > _______________________________________________ > perpass mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/perpass >
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
