Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Published in:
What Are User Requirements? Developing an ISO Standard Read chapter Read first chapter

2018 | OriginalPaper | Chapter

HCI Patterns for Cryptographically Equipped Cloud Services

Authors : Thomas Länger, Ala Alaqra, Simone Fischer-Hübner, Erik Framner, John Sören Pettersson, Katrin Riemer

Published in: Human-Computer Interaction. Theories, Methods, and Human Issues

Publisher: Springer International Publishing

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

Recent cryptographic research has devised several new algorithms and protocols with a potential of mitigating several of the most ardent security and privacy threats, existing in currently available public cloud services. Nevertheless, such cryptographic schemes often exhibit counterintuitive functionality to end users, or they work differently to other already established traditional schemes with which users are already familiar. A practical solution to address these problems involves a human centered design approach, deriving Human Computer Interaction (HCI) requirements from consultations and extensive testing with experts, prospective end users, and other stakeholders. The European Horizon 2020 project PRISMACLOUD “Privacy and Security Maintaining Services for the Cloud” uses such an approach and provides HCI patterns as part of its proper cloud service development methodology CryptSDLC to communicate HCI requirements to cloud service designers and user interface implementers. In this article, we present several new cryptographic cloud services, e.g. for redacting digitally signed data, and for redundant storage and sharing of confidential data in a public cloud scenario, together with three example HCI patterns for specific interactions of end users with these services. We show how these patterns were elaborated and validated in practice to prove the suitability for their intended purpose. To summarize, we give an account on our practical experience during the actual prototype development and implementation and show how they constitute an essential element of the CryptSDLC development methodology.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
previous chapter A Hand Gesture-Based Method for Biometric Authentication
next chapter Why Users Ignore Privacy Policies – A Survey and Intention Model for Explaining User Privacy Behavior
Footnotes
1
Online (8.2.2018): https://​www.​xitrust.​com/​en/​products/​xitrust-moxis/​. The MOXIS solution is currently available for qualified digital signatures, but not for redactable signatures. The identities are provided with trust service provider A-Trust, online (8.2.2018): https://​www.​a-trust.​at/​%C3%BCber-uns/​en/​.
 
2
Balsamiq Mockups 3 by Balsamiq Studios LLC. online (8.2.2018): https://​balsamiq.​com/​.
 
3
The respective PRISMACLOUD deliverable D3.2 “HCI Guidelines” is unfortunately marked confidential and thus not publicly available. An iteration D3.3 “HCI Research Report” with classification public, containing all the HCI patterns developed in the project, will be available by project end 31 July 2018 on the project homepage https://​prismacloud.​eu.
 
4
Ibid. PRISMACLOUD D3.3.
 
Literature
1.
European Commission: Regulation (EU) 2016/679 of The European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (2016). Accessed 20 July 2017
2.
3.
Lorünser, T., Krenn, S., Striecks, C., Länger, T.: Agile cryptographic solutions for the cloud. e & i Elektrotechnik und Informationstechnik, September 2017. ISSN: 0932-383X (printed version) ISSN: 1613-7620 (electronic version)
4.
Lorünser, T., Slamanig, D., Länger, T., Pöhls, H.C.: PRISMACLOUD tools: a cryptographic toolbox for increasing security in cloud services. In: Proceedings of the International Conference on Availability, Reliability and Security (ARES 2016). IEEE (2016)
5.
PRISMACLOUD: Improved Guidelines and architectures for Secure Service Composition. Public deliverable D7.6 of the PRISMACLOUD H2020 project (2017). https://​prismacloud.​eu
6.
Alexander, C., Ishikawa, S., Silverstein, M.: A Pattern Language: Towns, Buildings, Construction. Oxford University Press, New York (1977)
7.
Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design Patterns Elements of Reusable Object-Oriented Software. Addison-Wesley, New York (1994). ISBN 0-201-63361-2MATH
8.
Schumacher, M., Fernandez-Buglioni, E., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns - Integrating Security and Systems Engineering. Wiley, West Sussex (2006)
9.
10.
11.
12.
Alaqra, A., Fischer-Hübner, S., Pettersson, J.S., Wästlund, E.: Stakeholders’ perspectives on malleable signatures in a cloud-based eHealth scenario. In: HAISA, pp. 220–230 (2016)
13.
PRISMACLOUD public deliverable D3.3 HCI Research Report. The report, containing the HCI patterns developed in the PRISMACLOUD project will be available by project end, 31 July 2018. https://​prismacloud.​eu
14.
Loruenser, T., Happe, A., Slamanig, D.: ARCHISTAR: towards secure and robust cloud based data sharing. In: 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom), pp. 371–378. IEEE, November 2015
15.
Happe, A., Wohner, F., Lorünser, T.: The archistar secret-sharing backup proxy. In: Proceedings of the 12th International Conference on Availability, Reliability and Security, p. 88. ACM, August 2017
Metadata
Title
HCI Patterns for Cryptographically Equipped Cloud Services
Authors
Thomas Länger
Ala Alaqra
Simone Fischer-Hübner
Erik Framner
John Sören Pettersson
Katrin Riemer
Copyright Year
2018
Book
Human-Computer Interaction. Theories, Methods, and Human Issues

Print ISBN: 978-3-319-91237-0

Electronic ISBN: 978-3-319-91238-7

Copyright Year: 2018

DOI
https://doi.org/10.1007/978-3-319-91238-7_44