Privacy-Friendly Cloud Storage for the Data Track

An Educational Transparency Tool
  • Tobias Pulls
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7617)

Abstract

The Data Track is a transparency-enhancing tool that aims to educate users by providing them with an overview of all their data disclosures. In this paper, we describe a cryptographic scheme for storing all data disclosures tracked by the Data Track centrally in the cloud in a privacy-friendly way. Our scheme allows users to store their data anonymously, while keeping the cloud provider accountable with regard to the integrity of the data. Furthermore, we introduce a separation of concerns for the different components of the Data Track, well suited for tracking data disclosures from semi-trusted devices that may become compromised. We provide an informal evaluation of our scheme and briefly describe a proof of concept implementation.

Keywords

data track, privacy by design, anonymity, cloud storage, transparency, applied cryptography



Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Tobias Pulls, Department of Computer Science, Karlstad University, Karlstad, Sweden