HCI Patterns for Cryptographically Equipped Cloud Services
Recent cryptographic research has devised several new algorithms and protocols with a potential of mitigating several of the most ardent security and privacy threats, existing in currently available public cloud services. Nevertheless, such cryptographic schemes often exhibit counterintuitive functionality to end users, or they work differently to other already established traditional schemes with which users are already familiar. A practical solution to address these problems involves a human centered design approach, deriving Human Computer Interaction (HCI) requirements from consultations and extensive testing with experts, prospective end users, and other stakeholders. The European Horizon 2020 project PRISMACLOUD “Privacy and Security Maintaining Services for the Cloud” uses such an approach and provides HCI patterns as part of its proper cloud service development methodology CryptSDLC to communicate HCI requirements to cloud service designers and user interface implementers. In this article, we present several new cryptographic cloud services, e.g. for redacting digitally signed data, and for redundant storage and sharing of confidential data in a public cloud scenario, together with three example HCI patterns for specific interactions of end users with these services. We show how these patterns were elaborated and validated in practice to prove the suitability for their intended purpose. To summarize, we give an account on our practical experience during the actual prototype development and implementation and show how they constitute an essential element of the CryptSDLC development methodology.
KeywordsCloud computing Cryptography HCI patterns End-user security End-user privacy
The authors’ work is supported by the European Union Horizon 2020 research project No. 644962 PRISMACLOUD “Privacy and security maintaining services in the cloud”; (2/2015-7/2018); online (8.2.2018): https://prismacloud.eu.
- 1.European Commission: Regulation (EU) 2016/679 of The European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (2016). Accessed 20 July 2017Google Scholar
- 3.Lorünser, T., Krenn, S., Striecks, C., Länger, T.: Agile cryptographic solutions for the cloud. e & i Elektrotechnik und Informationstechnik, September 2017. ISSN: 0932-383X (printed version) ISSN: 1613-7620 (electronic version)Google Scholar
- 4.Lorünser, T., Slamanig, D., Länger, T., Pöhls, H.C.: PRISMACLOUD tools: a cryptographic toolbox for increasing security in cloud services. In: Proceedings of the International Conference on Availability, Reliability and Security (ARES 2016). IEEE (2016)Google Scholar
- 5.PRISMACLOUD: Improved Guidelines and architectures for Secure Service Composition. Public deliverable D7.6 of the PRISMACLOUD H2020 project (2017). https://prismacloud.eu
- 6.Alexander, C., Ishikawa, S., Silverstein, M.: A Pattern Language: Towns, Buildings, Construction. Oxford University Press, New York (1977)Google Scholar
- 8.Schumacher, M., Fernandez-Buglioni, E., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns - Integrating Security and Systems Engineering. Wiley, West Sussex (2006)Google Scholar
- 9.Länger, T., Pöhls, H.C., Ghernaouti, S.: Selected cloud security patterns to improve end user security and privacy in public clouds. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds.) APF 2016. LNCS, vol. 9857, pp. 115–132. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44760-5_8CrossRefGoogle Scholar
- 10.Fischer-Hübner, S., et al. (ed.): HCI Pattern Collection–Version 2. PrimeLife Deliverable D4.1.3 (2010). http://primelife.ercim.eu/images/stories/deliverables/d4.1.3-hci_pattern_collection_v2-public.pdf
- 12.Alaqra, A., Fischer-Hübner, S., Pettersson, J.S., Wästlund, E.: Stakeholders’ perspectives on malleable signatures in a cloud-based eHealth scenario. In: HAISA, pp. 220–230 (2016)Google Scholar
- 13.PRISMACLOUD public deliverable D3.3 HCI Research Report. The report, containing the HCI patterns developed in the PRISMACLOUD project will be available by project end, 31 July 2018. https://prismacloud.eu
- 14.Loruenser, T., Happe, A., Slamanig, D.: ARCHISTAR: towards secure and robust cloud based data sharing. In: 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom), pp. 371–378. IEEE, November 2015Google Scholar
- 15.Happe, A., Wohner, F., Lorünser, T.: The archistar secret-sharing backup proxy. In: Proceedings of the 12th International Conference on Availability, Reliability and Security, p. 88. ACM, August 2017Google Scholar