Security as a Service for User Customized Data Protection

  • Kenichi Takahashi
  • Takanori Matsuzaki
  • Tsunenori Mine
  • Takao Kawamura
  • Kazunori Sugahara
Part of the Communications in Computer and Information Science book series (CCIS, volume 180)


Some of Internet services require users to provide their sensitive information such as credit card number, and an ID-password pair. In these services, the manner in which the provided information is used is solely determined by the service providers. As a result, even when the manner in which information is used by a service provider appears vulnerable, users have no choice but to allow such usage. In this paper, we propose a framework that enables users to select the manner in which their sensitive information is protected. In our framework, a policy, which defines the type of information protection, is offered as a Security as a Service. According to the policy, users can incorporate the type of information protection into a program. By allowing a service provider to use their sensitive information through this program, users can protect their sensitive information according to the manner chosen by them.


Service Provider Cloud Computing Mobile Agent Sensitive Information Original Program 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Japan Network Security Association. Information Security Incident Survey Report ver.1.0,
  2. 2.
    McAfee Security-as-a-Service,
  3. 3.
  4. 4.
    Yahoo! Auction - Safety Payment Service,
  5. 5.
    Rakuten Safety Trading Services,
  6. 6.
    Stinson, D.R. (ed.): Cryptography: Theory and Practice, Crc Pr I Llc (1995)Google Scholar
  7. 7.
    P3P project,
  8. 8.
  9. 9.
    Theodorakopoulos, G., Baras, J.: Trust Evaluation in Ad-Hoc Networks. In: WiSe 2004, pp. 1–10 (2004)Google Scholar
  10. 10.
    Xiu, D., Liu, Z.: Trust Model for Pervasive Computing Environments. In: FTDCS 2004, pp. 80–85 (2004)Google Scholar
  11. 11.
    Karabulut, Y.: Towards a Next-Generation Trust Management Infrastructure for Open Computing Systems. In: SPPC 2004 (2004)Google Scholar
  12. 12.
    Pearce, C., Bertok, P., Schyndel, R.: Protecting Consumer Data in Composite Web Services. In: IFIP/SEC 2005 (2005)Google Scholar
  13. 13.
    Chow, R., Golle, P., Jakobson, M., Shi, E., Staddon, J., Masuoka, R., Molina, J.: Controlling Data in the Cloud: Outsourcing Computation Without Outsourcing Control. In: CCSW 2010, pp. 85–90 (2009)Google Scholar
  14. 14.
    Wang, W., Li, Z., Owens, R., Bhargave, B.: Secure and Efficient Access to Outsourced Data. In: CCSW 2010, pp. 55–65 (2009)Google Scholar
  15. 15.
    Benaloh, J., Chase, M., Horvitz, E., Lauter, K.: Patient Controlled Encryption: En- suring Privacy of Electronic Medical Records. In: CCSW 2010, pp. 103–114 (2009)Google Scholar
  16. 16.
    Imada, M., Takasugi, K., Ohta, M., Koyanagi, K.: LooM: A Loosely Managed Privacy Protection Method for Ubiquitous Networking Environments. IEICE Trans. on Comm. J88-B(3), 563–573 (2005)Google Scholar
  17. 17.
    Miyamoto, T., Takeuchi, T., Okuda, T., Harumoto, K., Ariyoshi, Y., Shimojo, S.: A Proposal for Profile Control Mechanism Considering Privacy and Quality of Per- sonalization Services. In: DEWS 2005, 6A-o1(2005)Google Scholar
  18. 18.
    Yamada, S., Kamioka, E.: Access Control for Security and Privacy in Ubiquitous Computing Environments. IEICE Trans. on Comm E88-B(3), 846–856Google Scholar
  19. 19.
    Mell, P., Grance, T.: The NIST Definition of Cloud Computing,
  20. 20.
    The result of questionnaire about Cloud Computing,
  21. 21.
    2010 Analysis Report of the Market of Cloud Service in Japan,

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Kenichi Takahashi
    • 1
  • Takanori Matsuzaki
    • 2
  • Tsunenori Mine
    • 3
  • Takao Kawamura
    • 1
  • Kazunori Sugahara
    • 1
  1. 1.Department of Information and Electronics, Graduate School of EngineeringTottori UniversityTottoriJapan
  2. 2.Kinki University School of Humanity-Oriented Science and EngineeringIizuka-shiJapan
  3. 3.Faculty of Information Science and Electrical EngineeringKyushu UniversityNishi-kuJapan

Personalised recommendations