Constructing and testing privacy-aware services in a cloud computing environment: challenges and opportunities

After decades of engineering development and infrastructural investment, Internet connections have become a commodity product in many countries, and Internetscale "cloud computing" has started to compete with traditional software business through its technological advantages and economy of scale. Cloud computing is a promising enabling technology of Internetware. One distinct characteristic of cloud computing is the global integration of data, logic, and users, but such integration magnifies a sharp concern about privacy, which is one of the most frequently cited reasons by enterprises for not migrating to cloud-based solutions. We argue that cloud-based systems should include privacy as a fundamental design goal, and that privacy in a cloud environment is bidirectional, covering both end users and application providers. End users need privacy-aware software services that prevent their private data from being exposed to other users or the cloud providers. Application providers need a privacy-protected testing methodology to prevent the companies' internal activities and product features from leaking to external users. Focusing on privacy protection, we discuss the research challenges in this unique design space, and explore potential solutions for enhancing privacy protection in several important components of the system.

[1]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[2]  Mache Creeger CTO Roundtable , 2008, Commun. ACM.

[3]  Alistair Cockburn,et al.  Agile Software Development , 2001 .

[4]  Sanjay Ghemawat,et al.  MapReduce: Simplified Data Processing on Large Clusters , 2004, OSDI.

[5]  Premkumar T. Devanbu,et al.  Software engineering for security: a roadmap , 2000, ICSE '00.

[6]  Luiz André Barroso,et al.  Web Search for a Planet: The Google Cluster Architecture , 2003, IEEE Micro.

[7]  GhemawatSanjay,et al.  The Google file system , 2003 .

[8]  Robbert van Renesse,et al.  Toward a cloud computing research agenda , 2009, SIGA.

[9]  Siani Pearson,et al.  Taking account of privacy when designing cloud computing services , 2009, 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing.

[10]  Mark Zuckerberg,et al.  An Open Letter from Mark Zuckerberg , 2006 .

[11]  Todd Kulesza,et al.  End-user software engineering and distributed cognition , 2009, 2009 ICSE Workshop on Software Engineering Foundations for End User Programming.

[12]  Dejan S. Milojicic,et al.  Open Cirrus TM cloud computing testbed: federated data centers for open source systems and services research , 2009, CloudCom 2009.

[13]  Thomas Sandholm,et al.  What's inside the Cloud? An architectural map of the Cloud landscape , 2009, 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing.

[14]  Wilson C. Hsieh,et al.  Bigtable: A Distributed Storage System for Structured Data , 2006, TOCS.

[15]  Niklaus Wirth,et al.  Algorithms + Data Structures = Programs , 1976 .

[16]  Brian Hayes,et al.  What Is Cloud Computing? , 2019, Cloud Technologies.

[17]  Karthik Muthuswamy,et al.  Global Software Development with Cloud Platforms , 2009, SEAFOOD.

[18]  Gustavo Alonso,et al.  Engineering the cloud from software modules , 2009, 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing.

[19]  Gregory V. Wilson,et al.  On the difficulty of replicating human subjects studies in software engineering , 2008, 2008 ACM/IEEE 30th International Conference on Software Engineering.

[20]  George Mangalaraj,et al.  Challenges of migrating to agile methodologies , 2005, CACM.

[21]  Mache Creeger CTO Roundtable: Virtualization Part I , 2008, QUEUE.