Skip to main content
https://www.highperformancecpmgate.com/rgeesizw1?key=a9d7b2ab045c91688419e8e18a006621

Kalepso looks to break into the crowded encrypted database space

Databases might be the least sexy thing in tech. Second to that might be encryption. That isn’t stopping Kalepso, a Montreal, Canada-based encrypted database startup that’s trying to fill in the gaps in an already crowded security space. (No pressure, then.)

Kalepso says it can do better than other database offerings out there by melding strong security with high reliability, while filling in the spots where sensitive data can be accessed or obtained in the clear. Its Harvard-educated founders found that all the existing database services out there are either slow or insecure. The team says Kalepso, its eponymous database system, sits between the database storage and the application, providing several layers of additional security, which they say doesn’t sacrifice speed, security or functionality of the database. The company launched today at Disrupt Berlin on the Startup Battlefield stage.

In other words, you can access your data securely without it leaking — or getting stolen.

Insider threats, check. Data breaches, protected. Chip-level exploits? No problem, said Kalepso co-founder Georgios Depastas. Kalepso says that its database encryption software covers all bases. Kalepso uses differential privacy to allow database analysis without revealing individuals’ data, while oblivious RAM re-scrambles the database after each query to avoid pattern leakages.

Depastas and team said that they’re already using their technology to help one unnamed financial institution — where data security is paramount — switch from a clunky and cumbersome data transfer setup to Kalepso, by intercepting and encrypting data from its runtime environment in real time and feeding it to its storage server. That means the encrypted data can’t be read on the server — either in storage or its memory. But Kalepso’s technology still lets authorized users run analytics on the data set without decrypting the data. “Every time a new query is fired, the data gets dynamically re-encrypted,” said Depastas, referring to its use of oblivious RAM.

[gallery ids="1752107,1752108,1752104,1752103"]

But what does Kalepso’s security offer better than the other major players — Oracle’s MySQL, PostgreSQL or MongoDB? Kalepso doesn’t have a punchy nor convincing answer.

The product sounds good in theory, but Kalepso faces an uphill battle for relevance. The database and database security market is busy and competitive, and the startup is fighting against a raft of already established database encryption offerings, from Baffle to in-house providers like Amazon. The database market is huge — and growing, as much as double-digit billions by 2025.

Kalepso has so far struggled to find its voice — instead relying on catchy cartoon videos, and buzzwords like “hack-proof data protection” and “military-grade encryption” — terms that draw ire from the security community for their baseless and unprovable claims.

The company gets points for using existing, tried and tested cryptographic standards to scramble the data, but loses points for offering a security product — another layer of code that hackers can use to attack — that isn’t open source. That means the code is proprietary and could have flaws — or worse, susceptible to backdoors or exploitation. “We haven’t experienced significant pushback to this approach,” said Depastas. That may work for now, but it’s not likely to fly in the wider enterprise market, which relies on extensive testing and auditing rather than trust or blind faith.

Three years of research later, there’s hope for Kalepso’s success. The company has a beta product and a staging area for companies to test the product — but little else to show for it, beyond impossible promises and thoughtless marketing.

Comments

Post a Comment

Popular posts from this blog

Uber co-founder Garrett Camp steps back from board director role

Uber co-founder Garrett Camp is relinquishing his role as a board director and switching to board observer — where he says he’ll focus on product strategy for the ride hailing giant. Camp made the announcement in a short Medium post in which he writes of his decade at Uber: “I’ve learned a lot, and realized that I’m most helpful when focused on product strategy & design, and this is where I’d like to focus going forward.” “I will continue to work with Dara [Khosrowshahi, Uber CEO] and the product and technology leadership teams to brainstorm new ideas, iterate on plans and designs, and continue to innovate at scale,” he adds. “We have a strong and diverse team in place, and I’m confident everyone will navigate well during these turbulent times.” The Canadian billionaire entrepreneur signs off by saying he’s looking forward to helping Uber “brainstorm the next big idea”. Camp hasn’t been short of ideas over his career in tech. He’s the co-founder of the web 2.0 recommendatio
Post a Comment
Read more

Drone crash near kids leads Swiss Post and Matternet to suspend autonomous deliveries

A serious crash by a delivery drone in Switzerland have grounded the fleet and put a partnership on ice. Within a stone’s throw of a school, the incident raised grim possibilities for the possibilities of catastrophic failure of payload-bearing autonomous aerial vehicles. The drones were operated by Matternet as part of a partnership with the Swiss Post (i.e. the postal service), which was using the craft to dispatch lab samples from one medical center for priority cases. As far as potential applications of drone delivery, it’s a home run — but twice now the craft have crashed, first with a soft landing and the second time a very hard one. The first incident, in January, was the result of a GPS hardware error; the drone entered a planned failback state and deployed its emergency parachute, falling slowly to the ground. Measures were taken to improve the GPS systems. The second failure in May, however, led to the drone attempting to deploy its parachute again, only to sever the line
Post a Comment
Read more

ProtonMail logged IP address of French activist after order by Swiss authorities

ProtonMail , a hosted email service with a focus on end-to-end encrypted communications, has been facing criticism after a police report showed that French authorities managed to obtain the IP address of a French activist who was using the online service. The company has communicated widely about the incident, stating that it doesn’t log IP addresses by default and it only complies with local regulation — in that case Swiss law. While ProtonMail didn’t cooperate with French authorities, French police sent a request to Swiss police via Europol to force the company to obtain the IP address of one of its users. For the past year, a group of people have taken over a handful of commercial premises and apartments near Place Sainte Marthe in Paris. They want to fight against gentrification, real estate speculation, Airbnb and high-end restaurants. While it started as a local conflict, it quickly became a symbolic campaign. They attracted newspaper headlines when they started occupying prem
Post a Comment
Read more