Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »Apply today for a FREE subscription to CIO Magazine!
April 22, 2008 — Network World — Researchers are touting an innovative cryptography method they've developed called "functional encryption," which though largely untested in the real world, one day could have an impact on how enterprise data is encrypted, stored and decrypted.
UCLA associate professor Amit Sahai, who has worked with UCLA computer-science alumnus Brent Waters on functional encryption for three years, says the technology lets an individual encrypt data in a way that lets people decrypt it only if they have the right "attributes."
"The mathematical system will produce an encrypted record that only people matching the criteria can decrypt," says Sahai, who recently published a paper on functional encryption with Waters that was presented at last week's Eurocrypt Conference. "To do this, you get a personalized key that expresses your attributes bound up in one key."
In an enterprise environment, the attributes bound up in users' encryption keys might be associated with just a name or also with the jobs they do that require restricted access to scrambled data in business, government or a university. "There could be a one-way decryption function used in many ways in both custom or Web applications, for example," Sahai says Each personalized key, expressing the security attributes of what that person is permitted to view, would unlock only the appropriate encrypted data and nothing else.
A user's key would be able to decrypt scrambled data because the data, always stored in encrypted form, would recognize through a mathematical process the people holding the right key with the appropriate attribute associated with that data. "It’s through all this math packed into the message that the reader is recognized," says Sahai, who says functional encryption makes use of elliptic-curve encryption, which is seen as computationally efficient.
Sahai says the hope is that the work he and his colleagues have done will one day improve server-based security. "We really want to make it so the server has no idea what it's holding," he says. "Instead, we want to make sure the right people get the data, and this is through the mathematics itself."
Although Sahai says his technology can't properly be called digital-rights management, he says it could be viewed as a type of "privacy-rights management" based on the concept of a system public key. The challenge of devising a tool for functional encryption is not just the complex math but also making sure the system can withstand so-called "collusion attacks" to undermine its integrity, Sahai says.
Earlier versions of a functional-encryption software tool were made public in the past at UCLA, and Sahai says he will soon make available a new version of the functional encryption tool for review so experts can test its efficacy.
The paper will also be published in a forthcoming edition of the Journal of Cryptography. UCLA says the research into functional encryption has been funded in part by the National Science Foundation, the U.S. Army Research Office and the U.S. Dept of Homeland Security. © 2007 Network World Inc.

Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.