The open source software project named Crypton is working on a solution that would enable developers to easily create encrypted cloud-based collaboration environments.
However, developers of the open source framework envision that in the future apps like Evernote, Basecamp, Freshbooks and Google Docs will be able provide their users with “meaningful guarantees” to their privacy.
Crypton is a framework which enables applications to encrypt data within a Web browser even before it is sent out to a remote server, according to Ethan Oberman, CEO of SpiderOak, an online cloud backup provider behind that is behind the Crypton project.
Crypton allows developers to provide their customers a private storage and collaboration environment without having to rely on third party security layers or post development hacks.
“To our knowledge there is no other existing framework that handles all the encryption, database storage and private user-to-user communication needed to build a zero knowledge cloud application,” according to the Crypton Web site.
Other cloud applications, according to the project researchers, may have encryption but “not in a generalized, reusable form” that developers could easily use to build a wide range of apps.
Seven steps to software security
After a decade of news detailing countless successful cyber-attacks, it's hard to imagine a corporation not understanding they need a software security solution. Unlike implementing software quality assurance, the processes that go into making applications more secure are still relatively immature. As well, ownership for the security of software in an organization is not always consistent or clear.