HCI Patterns for Cryptographically Equipped Cloud Services

  • Thomas LängerEmail author
  • Ala Alaqra
  • Simone Fischer-Hübner
  • Erik Framner
  • John Sören Pettersson
  • Katrin Riemer
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10901)


Recent cryptographic research has devised several new algorithms and protocols with a potential of mitigating several of the most ardent security and privacy threats, existing in currently available public cloud services. Nevertheless, such cryptographic schemes often exhibit counterintuitive functionality to end users, or they work differently to other already established traditional schemes with which users are already familiar. A practical solution to address these problems involves a human centered design approach, deriving Human Computer Interaction (HCI) requirements from consultations and extensive testing with experts, prospective end users, and other stakeholders. The European Horizon 2020 project PRISMACLOUD “Privacy and Security Maintaining Services for the Cloud” uses such an approach and provides HCI patterns as part of its proper cloud service development methodology CryptSDLC to communicate HCI requirements to cloud service designers and user interface implementers. In this article, we present several new cryptographic cloud services, e.g. for redacting digitally signed data, and for redundant storage and sharing of confidential data in a public cloud scenario, together with three example HCI patterns for specific interactions of end users with these services. We show how these patterns were elaborated and validated in practice to prove the suitability for their intended purpose. To summarize, we give an account on our practical experience during the actual prototype development and implementation and show how they constitute an essential element of the CryptSDLC development methodology.


Cloud computing Cryptography HCI patterns End-user security End-user privacy 



The authors’ work is supported by the European Union Horizon 2020 research project No. 644962 PRISMACLOUD “Privacy and security maintaining services in the cloud”; (2/2015-7/2018); online (8.2.2018):


  1. 1.
    European Commission: Regulation (EU) 2016/679 of The European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (2016). Accessed 20 July 2017Google Scholar
  2. 2.
    Wästlund, E., Angulo, J., Fischer-Hübner, S.: Evoking comprehensive mental models of anonymous credentials. In: Camenisch, J., Kesdogan, D. (eds.) iNetSec 2011. LNCS, vol. 7039, pp. 1–14. Springer, Heidelberg (2012). Scholar
  3. 3.
    Lorünser, T., Krenn, S., Striecks, C., Länger, T.: Agile cryptographic solutions for the cloud. e & i Elektrotechnik und Informationstechnik, September 2017. ISSN: 0932-383X (printed version) ISSN: 1613-7620 (electronic version)Google Scholar
  4. 4.
    Lorünser, T., Slamanig, D., Länger, T., Pöhls, H.C.: PRISMACLOUD tools: a cryptographic toolbox for increasing security in cloud services. In: Proceedings of the International Conference on Availability, Reliability and Security (ARES 2016). IEEE (2016)Google Scholar
  5. 5.
    PRISMACLOUD: Improved Guidelines and architectures for Secure Service Composition. Public deliverable D7.6 of the PRISMACLOUD H2020 project (2017).
  6. 6.
    Alexander, C., Ishikawa, S., Silverstein, M.: A Pattern Language: Towns, Buildings, Construction. Oxford University Press, New York (1977)Google Scholar
  7. 7.
    Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design Patterns Elements of Reusable Object-Oriented Software. Addison-Wesley, New York (1994). ISBN 0-201-63361-2zbMATHGoogle Scholar
  8. 8.
    Schumacher, M., Fernandez-Buglioni, E., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns - Integrating Security and Systems Engineering. Wiley, West Sussex (2006)Google Scholar
  9. 9.
    Länger, T., Pöhls, H.C., Ghernaouti, S.: Selected cloud security patterns to improve end user security and privacy in public clouds. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds.) APF 2016. LNCS, vol. 9857, pp. 115–132. Springer, Cham (2016). Scholar
  10. 10.
    Fischer-Hübner, S., et al. (ed.): HCI Pattern Collection–Version 2. PrimeLife Deliverable D4.1.3 (2010).
  11. 11.
    Derler, D., Pöhls, H.C., Samelin, K., Slamanig, D.: A general framework for redactable signatures and new constructions. In: Kwon, S., Yun, A. (eds.) ICISC 2015. LNCS, vol. 9558, pp. 3–19. Springer, Cham (2016). Scholar
  12. 12.
    Alaqra, A., Fischer-Hübner, S., Pettersson, J.S., Wästlund, E.: Stakeholders’ perspectives on malleable signatures in a cloud-based eHealth scenario. In: HAISA, pp. 220–230 (2016)Google Scholar
  13. 13.
    PRISMACLOUD public deliverable D3.3 HCI Research Report. The report, containing the HCI patterns developed in the PRISMACLOUD project will be available by project end, 31 July 2018.
  14. 14.
    Loruenser, T., Happe, A., Slamanig, D.: ARCHISTAR: towards secure and robust cloud based data sharing. In: 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom), pp. 371–378. IEEE, November 2015Google Scholar
  15. 15.
    Happe, A., Wohner, F., Lorünser, T.: The archistar secret-sharing backup proxy. In: Proceedings of the 12th International Conference on Availability, Reliability and Security, p. 88. ACM, August 2017Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Thomas Länger
    • 1
    Email author
  • Ala Alaqra
    • 2
  • Simone Fischer-Hübner
    • 2
  • Erik Framner
    • 2
  • John Sören Pettersson
    • 2
  • Katrin Riemer
    • 3
  1. 1.Université de LausanneLausanneSwitzerland
  2. 2.Karlstad UniversityKarlstadSweden
  3. 3.XiTrust Secure Technologies GmbHGrazAustria

Personalised recommendations