Advertisement

Towards a New Paradigm for Privacy and Security in Cloud Services

  • Thomas Lorünser
  • Charles Bastos Rodriguez
  • Denise Demirel
  • Simone Fischer-Hübner
  • Thomas Groß
  • Thomas Länger
  • Mathieu des Noes
  • Henrich C. Pöhls
  • Boris Rozenberg
  • Daniel Slamanig
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 530)

Abstract

The market for cloud computing can be considered as the major growth area in ICT. However, big companies and public authorities are reluctant to entrust their most sensitive data to external parties for storage and processing. The reason for their hesitation is clear: There exist no satisfactory approaches to adequately protect the data during its lifetime in the cloud. The EU Project Prismacloud (Horizon 2020 programme; duration 2/2015–7/2018) addresses these challenges and yields a portfolio of novel technologies to build security enabled cloud services, guaranteeing the required security with the strongest notion possible, namely by means of cryptography. We present a new approach towards a next generation of security and privacy enabled services to be deployed in only partially trusted cloud infrastructures.

Keywords

Cloud Computing Cloud Service Secret Sharing Service Composition Cloud Provider 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Notes

Acknowledgements

This work has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644962.

References

  1. 1.
    Andersson, C., Camenisch, J., Crane, S., Fischer-Hübner, S., Leenes, R., Pearson, S., Pettersson, J.S., Sommer, D.: Trust in PRIME. In: ISSPIT, pp. 552–559 (2005)Google Scholar
  2. 2.
    Backes, M., Fiore, D., Reischuk, R.M.: Verifiable delegation of computation on outsourced data. In: ACM CCS, pp. 863–874. ACM (2013)Google Scholar
  3. 3.
    Beek, M.T., Bucchiarone, A., Gnesi, S.: A Survey on Service Composition Approaches: From Industrial Standards to Formal Methods. Technical report 2006-TR-15 (2006)Google Scholar
  4. 4.
    Bessani, A., Correia, M., Quaresma, B., André, F., Sousa, P.: Depsky: dependable and secure storage in a cloud-of-clouds. Trans. Storage 9(4), 1–12 (2013)CrossRefGoogle Scholar
  5. 5.
    Bleikertz, S., Groß, T.: A virtualization assurance language for isolation and deployment. In: POLICY. IEEE, June 2011Google Scholar
  6. 6.
    Bleikertz, S., Groß, T., Mödersheim, S.: Security analysis of dynamic infrastructure clouds (extended abstract), September 2013Google Scholar
  7. 7.
    Bleikertz, S., Groß, T., Schunter, M., Eriksson, K.: Automated information flow analysis of virtualized infrastructures. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 392–415. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  8. 8.
    Bleikertz, S., Vogel, C., Groß, T.: Cloud radar: near real-time detection of security failures in dynamic virtualized infrastructures. In: ACSAC, pp. 26–35. ACM (2014)Google Scholar
  9. 9.
    Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: ACM CCS, pp. 225–234. ACM Press (2004)Google Scholar
  10. 10.
    Buchmann, J., Demirel, D., van de Graaf, J.: Towards a publicly-verifiable mix-net providing everlasting privacy. In: Financial Cryptography, pp. 197–204 (2013)Google Scholar
  11. 11.
    Camenisch, J., Herreweghen, E.V.: Design and implementation of the idemix anonymous credential system. In: ACM CCS, pp. 21–30. ACM (2002)Google Scholar
  12. 12.
    Canard, S., Lescuyer, R.: Protecting privacy by sanitizing personal data: a new approach to anonymous credentials. In: ASIA CCS, pp. 381–392. ACM (2013)Google Scholar
  13. 13.
    Catalano, D.: Homomorphic signatures and message authentication codes. In: Abdalla, M., De Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 514–519. Springer, Heidelberg (2014) Google Scholar
  14. 14.
    Catalano, D., Marcedone, A., Puglisi, O.: Authenticating computation on groups: new homomorphic primitives and applications. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014, Part II. LNCS, vol. 8874, pp. 193–212. Springer, Heidelberg (2014) Google Scholar
  15. 15.
    Chase, M., Kohlweiss, M., Lysyanskaya, A., Meiklejohn, S.: Malleable signatures: new definitions and delegatable anonymous credentials. In: CSF, pp. 199–213. IEEE (2014)Google Scholar
  16. 16.
    Cloud Security Alliance: Cloud security alliance website (2009). https://cloudsecurityalliance.org. Accessed 31 March 2015
  17. 17.
    Danezis, G., Kohlweiss, M., Rial, A.: Differentially private billing with rebates. In: Filler, T., Pevný, T., Craver, S., Ker, A. (eds.) IH 2011. LNCS, vol. 6958, pp. 148–162. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  18. 18.
    Di Lorenzo, G., Hacid, H., Benatallah, B., Paik, H.Y.: Data integration in mashups. Sigmod Rec. 38(1), 59–66 (2009)CrossRefGoogle Scholar
  19. 19.
    Erl, T.: Service-Oriented Architecture: Concepts, Technology, and Design. Pearson Education India, Delhi (2006) Google Scholar
  20. 20.
    European Commission: European cloud computing strategy “unleashing the potential of cloud computing in europe” (2012). http://ec.europa.eu/digital-agenda/en/european-cloud-computing-strategy. Accessed 31 March 2015
  21. 21.
    European Union Agency for Network and Information Security-ENISA: Cloud computing repository. http://www.enisa.europa.eu/activities/Resilience-and-CIIP/cloud-computing
  22. 22.
    Fiore, D., Gennaro, R., Pastro, V.: Efficiently verifiable computation on encrypted data. In: ACM CCS, pp. 844–855 (2014)Google Scholar
  23. 23.
    Ghernaouti-Helie, S.: Cyber Power - Crime. Conflict and Security in Cyberspace. EPFL Press, Burlington (2013) CrossRefGoogle Scholar
  24. 24.
    Groß, T.: Signatures and efficient proofs on committed graphs and NP-statements. In: Böhme, R., Okamoto, T. (eds.) FC 2015. LNCS, vol. 8975, pp. 293–314. Springer, Heidelberg (2015) CrossRefGoogle Scholar
  25. 25.
    Gupta, V.H., Gopinath, K.: \(\text{ G }_{\text{ its }}^2\) vsr: an information theoretical secure verifiable secret redistribution protocol for long-term archival storage. In: Security in Storage Workshop, SISW 2007, pp. 22–33. IEEE Computer Society, Washington, DC, USA (2007). http://dx.doi.org/10.1109/SISW.2007.9
  26. 26.
    Hanser, C., Slamanig, D.: Blank digital signatures. In: ASIA CCS. ACM (2013)Google Scholar
  27. 27.
    Hanser, C., Slamanig, D.: Structure-preserving signatures on equivalence classes and their application to anonymous credentials. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 491–511. Springer, Heidelberg (2014) Google Scholar
  28. 28.
    Harbach, M., Fahl, S., Rieger, M., Smith, M.: On the acceptance of privacy-preserving authentication technology: the curious case of national identity cards. In: De Cristofaro, E., Wright, M. (eds.) PETS 2013. LNCS, vol. 7981, pp. 245–264. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  29. 29.
    Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002) CrossRefGoogle Scholar
  30. 30.
    Moran, T., Naor, M.: Split-ballot voting: everlasting privacy with distributed trust. ACM Trans. Inf. Syst. Secur. 13(2), 246–255 (2010)CrossRefGoogle Scholar
  31. 31.
    Müller-Quade, J., Unruh, D.: Long-term security and universal composability. J. Cryptol. 23(4), 594–671 (2010)MathSciNetCrossRefzbMATHGoogle Scholar
  32. 32.
    National Institute of Standards and Technology-NIST: Cloud computing program. http://www.nist.gov/itl/cloud/index.cfm. Accessed 31 March 2015
  33. 33.
    Paquin, C., Zaverucha, G.: U-prove cryptographic specification v1.1, revision 3. Technical report, Microsoft Corporation (2013)Google Scholar
  34. 34.
    Pfeffer, H., Linner, D., Steglich, S.: Modeling and controlling dynamic service compositions. In: Computing in the Global Information Technology, pp. 210–216. IEEE (2008)Google Scholar
  35. 35.
    Pöhls, H.C., Samelin, K.: On updatable redactable signatures. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 457–475. Springer, Heidelberg (2014) Google Scholar
  36. 36.
    PRWeb: A cloud computing forecast summary for 2013–2017 from idc, gartner and kpmg, citing a study by accenture (2013). http://www.prweb.com/releases/2013/11/prweb11341594.htm. Accessed 31 March 2015
  37. 37.
    Schiffman, J., Sun, Y., Vijayakumar, H., Jaeger, T.: Cloud verifier: verifiable auditing service for IaaS clouds. In: CSA, June 2013Google Scholar
  38. 38.
    Slamanig, D.: Efficient schemes for anonymous yet authorized and bounded use of cloud resources. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 73–91. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  39. 39.
    Slamanig, D., Hanser, C.: On cloud storage and the cloud of clouds approach. In: ICITST-2012, pp. 649–655. IEEE Press (2012)Google Scholar
  40. 40.
    Steinfeld, R., Bull, L., Zheng, Y.: Content extraction signatures. In: Kim, K. (ed.) ICISC 2001. LNCS, vol. 2288, p. 285. Springer, Heidelberg (2002) CrossRefGoogle Scholar
  41. 41.
    Transparency Market Research: Cloud computing services market - global industry size, share, trends, analysis and forecasts 2012–2018 (2012). http://www.transparencymarketresearch.com/cloud-computing-services-market.html. Accessed 31 March 2015
  42. 42.
    Walfish, M., Blumberg, A.J.: Verifying computations without reexecuting them. Commun. ACM 58(2), 74–84 (2015)CrossRefGoogle Scholar
  43. 43.
    Wästlund, E., Angulo, J., Fischer-Hübner, S.: Evoking comprehensive mental models of anonymous credentials. In: iNetSeC, pp. 1–14 (2011)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Thomas Lorünser
    • 1
  • Charles Bastos Rodriguez
    • 2
  • Denise Demirel
    • 3
  • Simone Fischer-Hübner
    • 4
  • Thomas Groß
    • 5
  • Thomas Länger
    • 6
  • Mathieu des Noes
    • 7
  • Henrich C. Pöhls
    • 8
  • Boris Rozenberg
    • 9
  • Daniel Slamanig
    • 10
  1. 1.AIT Austrian Institute of TechnologyViennaAustria
  2. 2.ATOS Spain S.A.MadridSpain
  3. 3.Technische Universität DarmstadtDarmstadtGermany
  4. 4.Karlstad UniversityKarlstadSweden
  5. 5.Newcastle UniversityNewcastle upon TyneUK
  6. 6.University of LausanneLausanneSwitzerland
  7. 7.Commissariat á l’énergie atomique et aux énergies alternativesGrenobleFrance
  8. 8.University of PassauPassauGermany
  9. 9.IBM Haifa Research LabHaifaIsrael
  10. 10.Graz University of TechnologyGrazAustria

Personalised recommendations