Abstract
Cloud computing means entrusting data to information systems that are managed by external parties on remote servers, in the 'cloud', raising new privacy and confidentiality concerns. We propose a general technique for designing cloud services that allows the cloud to see only encrypted data, while still facilitating some data-dependent computations. The technique is based on key translations and mixes in web browsers. We focus on a particular kind of software-as-a-service, namely, services that support applications, evaluations and decisions. Such services include job application management, public tender management (e.g., for civil construction), and conference management. We identify the specific security and privacy risks that existing systems pose. We propose a protocol that addresses them, and forms the basis of a system that offers strong security and privacy guarantees. We express the protocol and its properties in the language of ProVerif, and prove that it does provide the intended properties. We describe an implementation of a particular instance of the protocol called ConfiChair, which is geared to the evaluation of papers submitted to conferences.
| Original language | English |
|---|---|
| Pages (from-to) | 847-880 |
| Number of pages | 34 |
| Journal | Journal of Computer Security |
| Volume | 21 |
| Issue number | 6 |
| DOIs | |
| Publication status | Published - 2013 |
Keywords
- cloud computing
- cloud provider confidentiality
- formal verification
- privacy models
- Security protocols
ASJC Scopus subject areas
- Software
- Safety, Risk, Reliability and Quality
- Hardware and Architecture
- Computer Networks and Communications