Privacy-preserving security solution for cloud services

We propose a novel privacy-preserving security solution for cloud services. Our solution is based on an efficient nonbilinear group signature scheme providing the anonymous access to cloud services and shared storage servers. The novel solution offers anonymous authenticationfor registered users. Thus, users' personal attributes (age, valid registration, successful payment) can be proven without revealing users' identity, and users can use cloud services without any threat of profiling their behavior. However, if a user breaks provider's rules, his access right is revoked.Our solution provides anonymous access, unlinkability and the confidentiality of transmitted data. We implement our solution as a proof of concept applicationand present the experimental results. Further, we analyzecurrent privacy preserving solutions for cloud services and group signature schemes as basic parts of privacy enhancing solutions in cloud services. We compare the performance of our solution with the related solutionsand schemes.

[1]  Lukas Malina,et al.  Unlinkable Attribute-Based Credentials with Practical Revocation on Smart-Cards , 2012, CARDIS.

[2]  Brent Waters,et al.  Compact Group Signatures Without Random Oracles , 2006, EUROCRYPT.

[3]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[4]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[5]  Reihaneh Safavi-Naini,et al.  Efficient and Provably Secure Trapdoor-Free Group Signature Schemes from Bilinear Pairings , 2004, ASIACRYPT.

[6]  Ehab Al-Shaer,et al.  Proceedings of the 9th annual ACM workshop on Privacy in the electronic society , 2010, CCS 2010.

[7]  Jan Camenisch,et al.  Practical Group Signatures without Random Oracles , 2005, IACR Cryptol. ePrint Arch..

[8]  Jörg Schwenk,et al.  Towards an Anonymous Access Control and Accountability Scheme for Cloud Computing , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[9]  Lukas Malina,et al.  Accelerated modular arithmetic for low-performance devices , 2011, 2011 34th International Conference on Telecommunications and Signal Processing (TSP).

[10]  Radu Sion,et al.  On securing untrusted clouds with cryptography , 2010, WPES '10.

[11]  Cong Wang,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2011, IEEE Transactions on Parallel and Distributed Systems.

[12]  Marina Blanton,et al.  Online subscriptions with anonymous access , 2008, ASIACCS '08.

[13]  Cong Wang,et al.  Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[14]  Xiaohui Liang,et al.  Short Group Signature Without Random Oracles , 2007, ICICS.

[15]  Dawn Xiaodong Song,et al.  Quasi-Efficient Revocation in Group Signatures , 2002, Financial Cryptography.

[16]  Brent Waters,et al.  Full-Domain Subgroup Hiding and Constant-Size Group Signatures , 2007, Public Key Cryptography.

[17]  Zdenek Martinasek,et al.  Optimization of differential power analysis , 2011 .

[18]  Jens Groth,et al.  Fully Anonymous Group Signatures without Random Oracles , 2007, IACR Cryptol. ePrint Arch..

[19]  Lukas Malina,et al.  Efficient modular multiplication for programmable smart-cards , 2014, Telecommun. Syst..

[20]  Lukas Malina,et al.  Practical Revocable Anonymous Credentials , 2012, Communications and Multimedia Security.

[21]  Shouhuai Xu,et al.  Accumulating Composites and Improved Group Signing , 2003, ASIACRYPT.

[22]  Dongdai Lin,et al.  A Shorter Group Signature with Verifier-Location Revocation and Backward Unlinkability , 2006, IACR Cryptol. ePrint Arch..

[23]  Tatsuaki Okamoto,et al.  Public Key Cryptography - PKC 2007, 10th International Conference on Practice and Theory in Public-Key Cryptography, Beijing, China, April 16-20, 2007, Proceedings , 2007, Public Key Cryptography.

[24]  Francisco Rodríguez-Henríquez,et al.  Achieving Identity-Based Cryptography in a Personal Digital Assistant Device , 2011 .

[25]  Siani Pearson,et al.  A client-based privacy manager for cloud computing , 2009, COMSWARE '09.

[26]  Xiaohui Liang,et al.  Secure provenance: the essential of bread and butter of data forensics in cloud computing , 2010, ASIACCS '10.

[27]  Jan Camenisch,et al.  Signature Schemes and Anonymous Credentials from Bilinear Maps , 2004, CRYPTO.

[28]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[29]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[30]  Hovav Shacham,et al.  Group signatures with verifier-local revocation , 2004, CCS '04.

[31]  Risto Laurikainen,et al.  Secure and anonymous communication in the cloud , 2010 .

[32]  Mihir Bellare,et al.  Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions , 2003, EUROCRYPT.

[33]  Ronald Cramer,et al.  Modular Design of Secure yet Practical Cryptographic Protocols , 1997 .

[34]  E. M. Hernandez-Ramirez,et al.  A Comparison of Redundancy Techniques for Private and Hybrid Cloud Storage , 2012 .

[35]  Siu-Ming Yiu,et al.  SPICE - Simple Privacy-Preserving Identity-Management for Cloud Environment , 2012, ACNS.

[36]  Tatsuaki Okamoto,et al.  A New Public-Key Cryptosystem as Secure as Factoring , 1998, EUROCRYPT.

[37]  J. Camenisch,et al.  Proof systems for general statements about discrete logarithms , 1997 .

[38]  M. Neusten,et al.  Telecommunication systems. , 1976, Advances in ophthalmology = Fortschritte der Augenheilkunde = Progres en ophtalmologie.

[39]  Bharat K. Bhargava,et al.  An Entity-Centric Approach for Privacy and Identity Management in Cloud Computing , 2010, 2010 29th IEEE Symposium on Reliable Distributed Systems.