Simultaneously Supporting Privacy and Auditing in Cloud Computing Systems

Over the last few years, cloud services have been steadily gaining traction in their use by commercial and noncommercial entities. As more and more sensitive or valuable processes, business functions and data move into the cloud, the need to improve threat identification and response, via auditing cloud transactions, increases. At the same time, the need for cloud users to protect the security and privacy of their resources has also intensified. In this paper, the problem of simultaneously supporting privacy and auditing in cloud systems is studied. Specifically, the paper discusses the guiding principles, fundamental concepts, and threat models for current cloud computing systems. Finally, we propose infrastructure that exploits a novel thin layer between the client and the cloud service provider to ensure that data storage, operation, and auditing does not reveal sensitive client information.

[1]  John Leubsdorf,et al.  Privacy and Freedom , 1968 .

[2]  Hui Li,et al.  Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud , 2012, 2012 IEEE Fifth International Conference on Cloud Computing.

[3]  Tyrone Grandison,et al.  Privacy Protection Issues for Healthcare Wellness Clouds , 2012 .

[4]  Amit Sahai,et al.  Selected Areas in Cryptography , 2011, Lecture Notes in Computer Science.

[5]  Amit Sahai,et al.  Pseudonym Systems , 1999, Selected Areas in Cryptography.

[6]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[7]  Krishna P. Gummadi,et al.  Analyzing facebook privacy settings: user expectations vs. reality , 2011, IMC '11.

[8]  Ben Halpert,et al.  Auditing Cloud Computing: A Security and Privacy Guide , 2011 .

[9]  M. Phil,et al.  PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING , 2015 .

[10]  Cong Wang,et al.  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , 2009, ESORICS.

[11]  Hovav Shacham,et al.  Aggregate and Verifiably Encrypted Signatures from Bilinear Maps , 2003, EUROCRYPT.

[12]  Timothy Grance,et al.  Guidelines on Security and Privacy in Public Cloud Computing | NIST , 2012 .

[13]  Rafae Bhatti,et al.  HIPAA Compliance and Patient Privacy Protection , 2010, MedInfo.

[14]  Alex Groce,et al.  Formal Analysis of Log Files , 2010, J. Aerosp. Comput. Inf. Commun..

[15]  Philip S. Yu,et al.  Privacy-Preserving Data Mining - Models and Algorithms , 2008, Advances in Database Systems.

[16]  Cong Wang,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2011, IEEE Transactions on Parallel and Distributed Systems.

[17]  Pierangela Samarati,et al.  Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression , 1998 .

[18]  Richard Wolski,et al.  The Eucalyptus Open-Source Cloud-Computing System , 2009, 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid.

[19]  Tyrone Grandison,et al.  The Impact of Industry Constraints on Model-Driven Data Disclosure Controls , 2007 .

[20]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[21]  Philip S. Yu,et al.  Mobile Systems Privacy: 'MobiPriv' A Robust System for Snapshot or Continuous Querying Location Based Mobile Systems , 2012, Trans. Data Priv..

[22]  Jin Tong,et al.  NIST Cloud Computing Reference Architecture , 2011, 2011 IEEE World Congress on Services.

[23]  Philip S. Yu,et al.  Mobile systems location privacy: “MobiPriv” a robust k anonymous system , 2010, 2010 IEEE 6th International Conference on Wireless and Mobile Computing, Networking and Communications.

[24]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[25]  Ian Goldberg,et al.  Privacy-Enhancing Technologies for the Internet, II: Five Years Later , 2002, Privacy Enhancing Technologies.

[26]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.