Towards a New Paradigm for Privacy and Security in Cloud Services

The market for cloud computing can be considered as the major growth area in ICT. However, big companies and public authorities are reluctant to entrust their most sensitive data to external parties for storage and processing. The reason for their hesitation is clear: There exist no satisfactory approaches to adequately protect the data during its lifetime in the cloud. The EU Project Prismacloud (Horizon 2020 programme; duration 2/2015–7/2018) addresses these challenges and yields a portfolio of novel technologies to build security enabled cloud services, guaranteeing the required security with the strongest notion possible, namely by means of cryptography. We present a new approach towards a next generation of security and privacy enabled services to be deployed in only partially trusted cloud infrastructures.

[1]  Dario Catalano,et al.  Homomorphic Signatures and Message Authentication Codes , 2014, SCN.

[2]  Jan Camenisch,et al.  Design and implementation of the idemix anonymous credential system , 2002, CCS '02.

[3]  Rosario Gennaro,et al.  Efficiently Verifiable Computation on Encrypted Data , 2014, CCS.

[4]  Thomas Groß Certification and Efficient Proofs of Committed Topology Graphs , 2014, IACR Cryptol. ePrint Arch..

[5]  Andrew J. Blumberg,et al.  Verifying computations without reexecuting them , 2015, Commun. ACM.

[6]  Thomas Groß,et al.  Cloud radar: near real-time detection of security failures in dynamic virtualized infrastructures , 2014, ACSAC.

[7]  S. Steglich,et al.  Modeling and Controlling Dynamic Service Compositions , 2008, 2008 The Third International Multi-Conference on Computing in the Global Information Technology (iccgi 2008).

[8]  Jeroen van de Graaf,et al.  Towards a Publicly-Verifiable Mix-Net Providing Everlasting Privacy , 2013, Financial Cryptography.

[9]  Daniel Slamanig Efficient Schemes for Anonymous Yet Authorized and Bounded Use of Cloud Resources , 2011, Selected Areas in Cryptography.

[10]  Christian Hanser,et al.  Blank digital signatures , 2013, ASIA CCS '13.

[11]  Moni Naor,et al.  Split-ballot voting: Everlasting privacy with distributed trust , 2007, TSEC.

[12]  Ernest F. Brickell,et al.  Direct anonymous attestation , 2004, CCS '04.

[13]  Erik Wästlund,et al.  Evoking Comprehensive Mental Models of Anonymous Credentials , 2011, iNetSeC.

[14]  Yuqiong Sun,et al.  Cloud Verifier: Verifiable Auditing Service for IaaS Clouds , 2013, 2013 IEEE Ninth World Congress on Services.

[15]  Michael Backes,et al.  Verifiable delegation of computation on outsourced data , 2013, CCS.

[16]  Christina Kluge,et al.  Service-Oriented Architecture: Concepts, Technology, and Design , 2005 .

[17]  Christian Paquin,et al.  U-Prove Cryptographic Specification V1.1 (Revision 3) , 2013 .

[18]  Miguel Correia,et al.  DepSky: Dependable and Secure Storage in a Cloud-of-Clouds , 2013, TOS.

[19]  Henrich Christopher Pöhls,et al.  On Updatable Redactable Signatures , 2014, ACNS.

[20]  Dawn Xiaodong Song,et al.  Homomorphic Signature Schemes , 2002, CT-RSA.

[21]  Jörn Müller-Quade,et al.  Long-Term Security and Universal Composability , 2007, Journal of Cryptology.

[22]  Thomas Groß,et al.  Signatures and Efficient Proofs on Committed Graphs and NP-Statements , 2015, Financial Cryptography.

[23]  C. Andersson,et al.  Trust in PRIME , 2005, Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, 2005..

[24]  Thomas Groß,et al.  A Virtualization Assurance Language for Isolation and Deployment , 2011, 2011 IEEE International Symposium on Policies for Distributed Systems and Networks.

[25]  Dario Catalano,et al.  Authenticating Computation on Groups: New Homomorphic Primitives and Applications , 2014, ASIACRYPT.

[26]  M. Beek,et al.  A Survey on Service Composition Approaches : From Industrial Standards to Formal Methods ? , 2006 .

[27]  Ron Steinfeld,et al.  Content Extraction Signatures , 2001, ICISC.

[28]  Matthew Smith,et al.  On the Acceptance of Privacy-Preserving Authentication Technology: The Curious Case of National Identity Cards , 2013, Privacy Enhancing Technologies.

[29]  Christian Hanser,et al.  On cloud storage and the cloud of clouds approach , 2012, 2012 International Conference for Internet Technology and Secured Transactions.

[30]  Markulf Kohlweiss,et al.  Malleable Signatures: New Definitions and Delegatable Anonymous Credentials , 2014, 2014 IEEE 27th Computer Security Foundations Symposium.

[31]  K. Gopinath,et al.  G_{its}^2 VSR: An Information Theoretical Secure Verifiable Secret Redistribution Protocol for Long-term Archival Storage , 2007 .

[32]  尚弘 島影 National Institute of Standards and Technologyにおける超伝導研究及び生活 , 2001 .

[33]  Christian Hanser,et al.  Structure-Preserving Signatures on Equivalence Classes and their Application to Anonymous Credentials , 2014, IACR Cryptol. ePrint Arch..

[34]  Sébastien Canard,et al.  Protecting privacy by sanitizing personal data: a new approach to anonymous credentials , 2013, ASIA CCS '13.

[35]  Antonio Bucchiarone,et al.  Web Service Composition Approaches: From Industrial Standards to Formal Methods , 2007, Second International Conference on Internet and Web Applications and Services (ICIW'07).

[36]  Hye-Young Paik,et al.  Data integration in mashups , 2009, SGMD.

[37]  George Danezis,et al.  Differentially Private Billing with Rebates , 2011 .

[38]  Matthias Schunter,et al.  Automated Information Flow Analysis of Virtualized Infrastructures , 2011, ESORICS.

[39]  Solange Ghernaouti-Hélie,et al.  Cyber Power: Crime, Conflict and Security in Cyberspace , 2013 .