STRATUS: Towards Returning Data Control to Cloud Users

  • Ryan K. L. Ko
  • Giovanni Russello
  • Richard Nelson
  • Shaoning Pang
  • Aloysius Cheang
  • Gill Dobbie
  • Abdolhossein Sarrafzadeh
  • Sivadon Chaisiri
  • Muhammad Rizwan Asghar
  • Geoffrey Holmes
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9532)


When we upload or create data into the cloud or the web, we immediately lose control of our data. Most of the time, we will not know where the data will be stored, or how many copies of our files are there. Worse, we are unable to know and stop malicious insiders from accessing the possibly sensitive data. Despite being transferred across and within clouds over encrypted channels, data often has to be decrypted within the database for it to be processed. Exposing the data at some point in the cloud to a few privileged users is undoubtedly a vendor-centric approach, and hinges on the trust relationships data owners have with their cloud service providers. A recent example of the abuse of the trust relationship is the high-profile Edward Snowden case. In this paper, we propose a user-centric approach which returns data control to the data owners – empowering users with data provenance, transparency and auditability, homomorphic encryption, situation awareness, revocation, attribution and data resilience. We also cover key elements of the concept of user data control. Finally, we introduce how we attempt to address these issues via the New Zealand Ministry of Business Innovation and Employment (MBIE)-funded STRATUS (Security Technologies Returning Accountability, Trust and User-centric Services in the Cloud) research project.


Cloud security, Cloud computing, User data control, User-centric security, Data provenance, Homomorphic encryption, Situation awareness, Data resiliency



This research is supported by STRATUS (Security Technologies Returning Accountability, Trust and User-Centric Services in the Cloud), a science investment project funded by the New Zealand Ministry of Business, Innovation and Employment (MBIE).



Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Ryan K. L. Ko (1)
  • Giovanni Russello (2)
  • Richard Nelson (1)
  • Shaoning Pang (3)
  • Aloysius Cheang (4)
  • Gill Dobbie (2)
  • Abdolhossein Sarrafzadeh (3)
  • Sivadon Chaisiri (1)
  • Muhammad Rizwan Asghar (2)
  • Geoffrey Holmes (1)

  1. University of Waikato, Hamilton, New Zealand
  2. University of Auckland, Auckland, New Zealand
  3. Unitec Institute of Technology, Auckland, New Zealand
  4. Cloud Security Alliance (Asia Pacific), Singapore, Singapore
