Towards Privacy-by-Design Peer-to-Peer Cloud Computing

  • Leucio Antonio Cutillo
  • Antonio Lioy
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8058)


Current Cloud services raise serious security and privacy concerns due to the potential misuse of user data by the omniscient Cloud service provider. Solutions proposing the “Cloud-of-clouds” paradigm just mitigate service availability threats, and additional encryption operations do not prevent users from being identified and traced. Moreover, these solutions still fail to address a main orthogonal problem, i.e. the intrinsic contrast between the provider’s business model and the user’s privacy. In this paper, we propose a new architecture for Cloud computing which addresses the protection of the user’s privacy from the outset. Cloud services are provided by a number of cooperating independent parties consisting in the user nodes themselves. Unlike current Cloud services, the proposed solution provides user anonymity and untraceability. Such architecture can still take part in the “Cloud-of-clouds”, allowing users to select service providers on the basis of the expected privacy protection.


Peer-to-Peer Cloud privacy-by-design 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
    Babaoglu, O., Marzolla, M., Tamburini, M.: Design and implementation of a P2P cloud system. In: SAC 2012: 27th Annual ACM Symposium on Applied Computing, Trento, Italy, March 26-30, pp. 412–417 (2012), doi:10.1145/2245276.2245357Google Scholar
  3. 3.
    Chen, Y., Sion, R.: On securing untrusted clouds with cryptography. In: WPES 2010: 9th Annual ACM Workshop on Privacy in the Electronic Society, Chicago, IL, USA, pp. 109–114 (October 4, 2010), doi:10.1145/1866919.1866935Google Scholar
  4. 4.
    Comscore, How technology and analytics drive the mobile market (February 2013),
  5. 5.
  6. 6.
    Cutillo, L., Molva, R., Strufe, T.: Safebook: A privacy-preserving online social network leveraging on real-life trust. IEEE Communications Magazine 47(12), 94–101 (2009), doi:10.1109/MCOM.2009.5350374CrossRefGoogle Scholar
  7. 7.
    Gartner, Forecast overview: Public cloud services, worldwide, 2011-2016, 2q12 update (August 2012),
  8. 8.
    Gupta, A., Kapoor, L., Wattal, M.: C2C (Cloud-to-cloud): An ecosystem of cloud service providers for dynamic resource provisioning. In: Abraham, A., Lloret Mauri, J., Buford, J.F., Suzuki, J., Thampi, S.M. (eds.) ACC 2011, Part I. CCIS, vol. 190, pp. 501–510. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  9. 9.
    Lai, K., Yu, Y.: A scalable multi-attribute hybrid overlay for range queries on the cloud. Information Systems Frontiers 14(4), 895–908 (2012), doi:10.1007/s10796-011-9328-7MathSciNetCrossRefGoogle Scholar
  10. 10.
    Marozzo, F., Talia, D., Trunfio, P.: P2P-MapReduce: Parallel data processing in dynamic cloud environments. Journal of Computer and System Sciences 78(5), 1382–1402 (2012), doi:10.1016/j.jcss.2011.12.021CrossRefGoogle Scholar
  11. 11.
    Park, J., Sandhu, R.: Towards usage control models: beyond traditional access control. In: SACMAT 2002: 7th ACM Symposium on Access Control Models and Technologies, Monterey, CA, USA, June 3-4, pp. 57–64 (2002), doi:10.1145/507711.507722Google Scholar
  12. 12.
    Ranjan, R., Zhao, L., Wu, X., Liu, A., Quiroz, A., Parashar, M.: Peer-to-peer cloud provisioning: Service discovery and load-balancing. In: Antonopoulos, N., Gillam, L. (eds.) Cloud Computing, pp. 195–217. Springer, London (2010), doi:10.1007/978-1-84996-241-4_12CrossRefGoogle Scholar
  13. 13.
    Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications 34(1), 1–11 (2011), doi:10.1016/j.jnca.2010.07.006CrossRefGoogle Scholar
  14. 14.
    Warren, S.D., Brandeis, L.D.: The right to privacy. Harward Law Review 4(5), 193–220 (1890)CrossRefGoogle Scholar
  15. 15.
    Xu, K., Song, M., Zhang, X., Song, J.: A cloud computing platform based on P2P. In: ITIME 2009: IEEE International Symposium on IT in Medicine & Education, Jinan, Shandong, China, August 14-16, pp. 427–432 (2009), doi:10.1109/ITIME.2009.5236386Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Leucio Antonio Cutillo
    • 1
  • Antonio Lioy
    • 1
  1. 1.Dip. Automatica e InformaticaPolitecnico di TorinoTorinoItaly

Personalised recommendations