Clipperz's "Zero-knowledge" Approach To Managing Sensitive Data
By: Savio Rodrigues | 2008-04-23
Marco Barulli from Clipperz reached out to introduce their online password-manager. I'd been looking for a good solution for some time now.
While their password manager seems pretty cool, especially the Direct Logins feature, I'm more intrigued by how Marco and team will apply this technology to other areas.
Clipperz had originally used the term "zero-knowledge web application" to describe its approach to managing sensitive data over the Internet:
"We simply meant that Clipperz knows nothing about its users and their data!"
It appears that the term "zero-knowledge" has a previous meaning, but I can't think of a better term right now. How is an application a "zero-knowledge" application?
1. Host-proof hosting: In order to avoid storing readable data on the server a zero-knowledge web application should encrypt and decrypt the data inside the browser.
2. Hide nothing: Therefore full access to the source code of the application is required.
3. Prevent code changes: Therefore it's of the utmost importance to implement the necessary measures to stop any attempt to modify the code executed by the browser.
4. Learn nothing: As a consequence of the "learn nothing" mantra, every zero-knowledge application should be completely anonymous, or at least it should make it impossible to relate the real name or email of a user to his data.
I'd consider #1 and #4 to be must-have capabilities in a world where we access applications and data residing on a 3rd party cloud vendor's infrastructure. This is true for personal data and for corporate data (difficult to say which would be more important). I don't know if Amazon, Sun, IBM, Microsoft or any of the other current/future cloud providers offer capabilities to address #1 and #4. If not, Clipperz is available under the AGPL or commercial license ;-).
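To make #1 and #4 concrete, here is an added sketch that is not Clipperz's code: the client derives a key from a passphrase and encrypts a record before upload, and the host stores only an opaque blob under a random id. The choice of scrypt and AES-256-GCM, the `BlobStore` class and all sample values are assumptions for illustration; it uses Node's `crypto` module so it runs offline, where a browser would use its own crypto API.

```javascript
// Added illustration of host-proof hosting; names and algorithms are assumptions.
const nodeCrypto = require('node:crypto');

// Client side: the passphrase and the derived key never leave the client.
function deriveKey(passphrase, salt) {
  return nodeCrypto.scryptSync(passphrase, salt, 32);
}

function encryptRecord(passphrase, plaintext) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12); // fresh nonce for every record
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { salt: salt.toString('base64'), iv: iv.toString('base64'),
           tag: cipher.getAuthTag().toString('base64'), ct: ct.toString('base64') };
}

function decryptRecord(passphrase, blob) {
  const key = deriveKey(passphrase, Buffer.from(blob.salt, 'base64'));
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, Buffer.from(blob.iv, 'base64'));
  decipher.setAuthTag(Buffer.from(blob.tag, 'base64'));
  // final() throws if the key is wrong or the blob was modified on the host.
  const pt = Buffer.concat([decipher.update(Buffer.from(blob.ct, 'base64')), decipher.final()]);
  return pt.toString('utf8');
}

// Server side (hypothetical): stores whatever it is handed, keyed by an opaque id.
class BlobStore {
  constructor() { this.rows = new Map(); }
  put(id, blob) { this.rows.set(id, JSON.stringify(blob)); }
  get(id) { return JSON.parse(this.rows.get(id)); }
  dump() { return [...this.rows.values()].join('\n'); } // everything the host can read
}

function demo() {
  const passphrase = 'correct horse battery staple'; // constructed sample
  const secret = JSON.stringify({ site: 'bank.example', user: 'alice@example.org', password: 's3cr3t-value' });
  const server = new BlobStore();
  const id = nodeCrypto.randomBytes(16).toString('hex'); // random id, not a name or email (#4)
  server.put(id, encryptRecord(passphrase, secret));
  const hostView = server.dump();
  let wrongKeyRejected = false;
  try { decryptRecord('wrong passphrase', server.get(id)); } catch (e) { wrongKeyRejected = true; }
  return {
    roundTrip: decryptRecord(passphrase, server.get(id)) === secret,
    hostSeesPlaintext: hostView.includes('s3cr3t-value') || hostView.includes('alice@example.org'),
    wrongKeyRejected,
  };
}
```

The guarantee holds only if the code doing the encryption is the code the user expects, which is what #2 and #3 are about.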
Additionally, I see a use for Clipperz technology at virtually every SaaS company. It's somewhat surprising that companies have been storing corporate data on servers belonging to Google, SugarCRM, Salesforce.com, Yahoo/Zimbra, without these capabilities.
About the Author: Savio Rodrigues is a product manager with IBM's WebSphere Software division. He envisions a day when open source and traditional software live in harmony. This site contains Savio's personal views. IBM does not necessarily agree with the views expressed here.