Secure and Privacy-Friendly Storage and Data Processing in the Cloud

  • Pasquale Chiaro
  • Simone Fischer-Hübner
  • Thomas Groß
  • Stephan Krenn
  • Thomas Lorünser
  • Ana Isabel Martínez Garcí
  • Andrea Migliavacca
  • Kai Rannenberg
  • Daniel Slamanig
  • Christoph Striecks
  • Alberto Zanini
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 526)


At the IFIP Summer School 2017, the two H2020 projects credential and prismacloud co-organized a workshop dedicated to introducing the necessary background knowledge and demonstrating prototypes of privacy-preserving solutions for storing, sharing, and processing potentially sensitive data in untrusted cloud environments. This paper summarizes the given presentations and presents the discussions and feedback given by the workshop attendees, including students and senior researchers from different domains as well as relevant non-academic stakeholders such as public data protection agencies.


Privacy Data protection Demonstration 


  1. 1.
    Lorünser, T., Krenn, S., Striecks, C., Länger, T.: Agile cryptographic solutions for the cloud. e&i Elektrotechnik und Informationstechnik 134, 364–369 (2017)CrossRefGoogle Scholar
  2. 2.
    Alaqra, A., Fischer-Hübner, S., Groß, T., Lorünser, T., Slamanig, D.: Signatures for privacy, trust and accountability in the cloud: applications and requirements. In: Aspinall, D., Camenisch, J., Hansen, M., Fischer-Hübner, S., Raab, C. (eds.) Privacy and Identity 2015. IAICT, vol. 476, pp. 79–96. Springer, Cham (2016). Scholar
  3. 3.
    Karegar, F., Striecks, C., Krenn, S., Hörandner, F., Lorünser, T., Fischer-Hübner, S.: Opportunities and challenges of CREDENTIAL - towards a metadata-privacy respecting identity provider. In: Lehmann, A., Whitehouse, D., Fischer-Hübner, S., Fritsch, L., Raab, C. (eds.) Privacy and Identity 2016. IAICT, vol. 498, pp. 76–91. Springer, Cham (2016). Scholar
  4. 4.
    ISO/IEC: ISO/IEC 24760: A Framework for Identity Management - Part 1: Terminology and Concepts, Part 2: Reference Framework and Requirements, Part 3: Practice (2011–2016).
  5. 5.
    Rannenberg, K., Camenisch, J., Sabouri, A. (eds.): Attribute-Based Credentials for Trust: Identity in the Information Society. Springer, Cham (2015). Scholar
  6. 6.
    Hörandner, F., Krenn, S., Migliavacca, A., Thiemer, F., Zwattendorfer, B.: CREDENTIAL: a framework for privacy-preserving cloud-based data sharing. In: ARES 2016, pp. 742–749. IEEE Computer Society (2016)Google Scholar
  7. 7.
    Kostopoulos, A., Sfakianakis, E., Chochliouros, I.P., Pettersson, J.S., Krenn, S., Tesfay, W., Migliavacca, A., Hörandner, F.: Towards the adoption of secure cloud identity services. In: ARES 2017, pp. 90:1–90:7. ACM (2017)Google Scholar
  8. 8.
    Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002). Scholar
  9. 9.
    Blaze, M., Bleumer, G., Strauss, M.: Divertible protocols and atomic proxy cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998). Scholar
  10. 10.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24, 84–88 (1981)CrossRefGoogle Scholar
  11. 11.
    Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28, 1030–1044 (1985)CrossRefGoogle Scholar
  12. 12.
    Camenisch, J., Krenn, S., Lehmann, A., Mikkelsen, G.L., Neven, G., Pedersen, M.Ø.: Formal treatment of privacy-enhancing credential systems. In: Dunkelman, O., Keliher, L. (eds.) SAC 2015. LNCS, vol. 9566, pp. 3–24. Springer, Cham (2016). Scholar
  13. 13.
    Krenn, S., Lorünser, T., Salzer, A., Striecks, C.: Towards attribute-based credentials in the cloud. In: Chow, S.S., Capkun, S. (eds.) Cryptology and Network Security - CANS 2017 (2017, to be published)Google Scholar
  14. 14.
    Lorünser, T., et al.: Towards a new paradigm for privacy and security in cloud services. In: Cleary, F., Felici, M. (eds.) Cyber Security and Privacy. CCIS, vol. 530, pp. 14–25. Springer, Cham (2015). Scholar
  15. 15.
    Lorünser, T., Länger, T., Slamanig, D.: Cloud security and privacy by design. In: Katsikas, S.K., Sideridis, A.B. (eds.) e-Democracy 2015. CCIS, vol. 570, pp. 202–206. Springer, Cham (2015). Scholar
  16. 16.
    Lorünser, T., Slamanig, D., Länger, T., Pöhls, H.C.: PRISMACLOUD tools: a cryptographic toolbox for increasing security in cloud services. In: 11th International Conference on Availability, Reliability and Security, ARES 2016, Salzburg, Austria, 31 August–2 September 2016, pp. 733–741. IEEE Computer Society (2016)Google Scholar
  17. 17.
    Shamir, A.: How to share a secret. Commun. ACM 22, 612–613 (1979)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Blakley, G.R.: Safeguarding cryptographic keys. In: AFIPS National Computer Conference (1979)Google Scholar
  19. 19.
    Ahn, J.H., Boneh, D., Camenisch, J., Hohenberger, S., Shelat, A., Waters, B.: Computing on authenticated data. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 1–20. Springer, Heidelberg (2012). Scholar
  20. 20.
    Haber, S., Hatano, Y., Honda, Y., Horne, W.G., Miyazaki, K., Sander, T., Tezoku, S., Yao, D.: Efficient signature schemes supporting redaction, pseudonymization, and data deidentification. In: Abe, M., Gligor, V.D. (eds.) ASIACCS 2008, pp. 353–362. ACM, New York (2008)Google Scholar
  21. 21.
    Camenisch, J., Derler, D., Krenn, S., Pöhls, H.C., Samelin, K., Slamanig, D.: Chameleon-hashes with ephemeral trapdoors - and applications to invisible sanitizable signatures. In: Fehr, S. (ed.) PKC 2017. LNCS, vol. 10175, pp. 152–182. Springer, Heidelberg (2017). Scholar
  22. 22.
    Groß, T.: Efficient certification and zero-knowledge proofs of knowledge on infrastructure topology graphs. In: CCSW 2014, pp. 69–80. ACM (2014)Google Scholar
  23. 23.
    Derler, D., Slamanig, D.: Fully-anonymous short dynamic group signatures without encryption. IACR Cryptology ePrint Archive 2016/154 (2016)Google Scholar
  24. 24.
    Krenn, S., Lorünser, T., Striecks, C.: Batch-verifiable secret sharing with unconditional privacy. In: Proceedings of the 3rd International Conference on Information Systems Security and Privacy, ICISSP, INSTICC, vol. 1, pp. 303–311. ScitePress (2017)Google Scholar
  25. 25.
    Demirel, D., Krenn, S., Lorünser, T., Traverso, G.: Efficient and privacy preserving third party auditing for a distributed storage system. In: 11th International Conference on Availability, Reliability and Security, ARES 2016, Salzburg, Austria, 31 August–2 September 2016, pp. 88–97. IEEE Computer Society (2016)Google Scholar
  26. 26.
    Lorünser, T., Querasser, E., Matyus, T., Peev, M., Wolkerstorfer, J., Hutter, M., Szekely, A., Wimberger, I., Pfaffel-Janser, C., Neppach, A.: Security processor with quantum key distribution. In: 2008 International Conference on Application-Specific Systems, Architectures and Processors, ASAP 2008, pp. 37–42. IEEE (2008)Google Scholar
  27. 27.
    Neppach, A., Pfaffel-Janser, C., Wimberger, I., Lorünser, T., Meyenburg, M., Szekely, A., Wolkerstorfer, J.: Key management of quantum generated keys in IPsec. In: International Conference on Security and Cryptography SECRYPT, 26–29 July 2008, SECRYPT 2008, pp. 177–183. Institute for Systems and Technologies of Information, Control and Communication Press (2008)Google Scholar
  28. 28.
    Happe, A., Krenn, S., Lorünser, T.: Malicious clients in distributed secret sharing based storage networks. In: Anderson, J., Matyáš, V., Christianson, B., Stajano, F. (eds.) Security Protocols 2016. LNCS, vol. 10368, pp. 206–214. Springer, Cham (2017). Scholar
  29. 29.
    Happe, A., Wohner, F., Lorünser, T.: The archistar secret-sharing backup proxy. In: Proceedings of the 12th International Conference on Availability, Reliability and Security, ARES 2017, pp. 88:1–88:8. ACM, New York (2017)Google Scholar
  30. 30.
    Lorünser, T., Happe, A., Slamanig, D.: ARCHISTAR: towards secure and robust cloud based data sharing. In: 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom), pp. 371–378 (2015)Google Scholar
  31. 31.
    Bleikertz, S., Groß, T., Schunter, M., Eriksson, K.: Automated information flow analysis of virtualized infrastructures. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 392–415. Springer, Heidelberg (2011). Scholar
  32. 32.
    Bleikertz, S., Vogel, C., Groß, T.: Cloud radar: near real-time detection of security failures in dynamic virtualized infrastructures. In: ACSAC 2014, pp. 26–35. ACM (2014)Google Scholar
  33. 33.
    Bleikertz, S., Vogel, C., Groß, T., Mödersheim, S.: Proactive security analysis of changes in virtualized infrastructures. In: ACSAC 2015 (2015)Google Scholar
  34. 34.
    Groß, T.: Signatures and efficient proofs on committed graphs and NP-statements. In: Böhme, R., Okamoto, T. (eds.) FC 2015. LNCS, vol. 8975, pp. 293–314. Springer, Heidelberg (2015). Scholar
  35. 35.
    Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Persiano, G., Galdi, C. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003). Scholar
  36. 36.
    Camenisch, J., Groß, T.: Efficient attributes for anonymous credentials. In: ACM CCS 2008, pp. 345–356. ACM Press (2008)Google Scholar
  37. 37.
    Camenisch, J., Groß, T.: Efficient attributes for anonymous credentials. TISSEC 15, 4:1–4:30 (2012)CrossRefGoogle Scholar
  38. 38.
    Groß, T.: Geo-location separation of virtualized systems. Technical report CS-TR, Newcastle University (2017)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2018

Authors and Affiliations

  • Pasquale Chiaro
    • 1
  • Simone Fischer-Hübner
    • 2
  • Thomas Groß
    • 3
  • Stephan Krenn
    • 4
  • Thomas Lorünser
    • 4
  • Ana Isabel Martínez Garcí
    • 5
  • Andrea Migliavacca
    • 6
  • Kai Rannenberg
    • 7
  • Daniel Slamanig
    • 4
  • Christoph Striecks
    • 4
  • Alberto Zanini
    • 6
  1. 1.InfoCertMilanItaly
  2. 2.Karlstad UniversityKarlstadSweden
  3. 3.University of Newcastle upon TyneNewcastle upon TyneUK
  4. 4.AIT Austrian Institute of Technology GmbHViennaAustria
  5. 5.ETRA Investigacion y Desarrollo, S.A.ValenciaSpain
  6. 6.Lombardia Informatica S.p.A.MilanItaly
  7. 7.Goethe University FrankfurtFrankfurtGermany

Personalised recommendations