nach oben

Erschienen in:

2016 | OriginalPaper | Buchkapitel

Selected Cloud Security Patterns to Improve End User Security and Privacy in Public Clouds

verfasst von : Thomas Länger, Henrich C. Pöhls, Solange Ghernaouti

Erschienen in: Privacy Technologies and Policy

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Cloud computing has the potential to dramatically reduce the cost and complexity of provisioning information technology resources for end users. However, to make it secure and privacy-preserving for end users, additional technical safeguards must be added—the application of strong cryptography is such a safeguard. The Horizon 2020 project PRISMACLOUD surveys and advances several cryptographic protocols and primitives usable to cryptographically address common cloud security and privacy issues. The cryptographic functionality will entirely be encapsulated in five configurable tools, from which cloud services providing end-to-end security can be constructed. This approach relieves cloud service designers from dealing with the complex and error prone correct application of cryptographic functionality and shall spark the emergence of a multitude of privacy and security preserving cloud applications for the benefit of the end-users—who will no longer have to rely on contractual and legal instruments for ensuring, that privacy and security is enforced by cloud providers on their behalf. In order to support the privacy-by-design development of the tools, we developed several cloud security patterns for common critical situations in the cloud—in the three fields of data storage in the cloud, user privacy protection and data minimisation, and authentication of stored and processed data.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Consumer Privacy on Distributed Energy Markets

Nächstes Kapitel PrivacyInsight: The Next Generation Privacy Dashboard

The authors’ work is supported by the European Union Horizon 2020 research activity n\(\circ \) 644962 Prismacloud: “Privacy and security maintaining services in the cloud” [17]; duration 2/2015–7/2018; 16 partners; https://www.prismacloud.eu.

It is now, that cloud providers have started to host their data centers in multiple locations world-wide, including Asia, South America, and countries of the European Union (see e.g. Amazon: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html). Nevertheless, the headquarters and main installations of these businesses are certainly under U.S. American jurisdiction and it is at least possible that data, in whichever form and state of aggregation, might be consolidated with data residing in the U.S.A.

The other patterns can be studied in the public Prismacloud deliverable D2.2 “Domain independent generic security models”, available on the project web site www.prismacloud.eu.

The entire book, 1218 pages, can be downloaded as pdf from archive.org/details/ APatternLanguage.

https://secure.edps.europa.eu/EDPSWEB/edps/EDPS/IPEN.

ibid.

www.munawarhafiz.com/securitypatterncatalog/index.php. Munawar Hafiz is also author of several papers on security patterns, e.g. [15], which presents “4 design patterns that can aid the decision making process for the designers of privacy protecting systems”.

www.pripareproject.eu.

For a more detailed description of all cloud security patterns we want to direct the attention to Prismacloud deliverable D2.2 “Domain independent generic security models”, available on the project web site www.prismacloud.eu.

Whenever the signature mathematically still depends on some removed data, like in hash trees, they cryptographically do not offer a sophisticated level of privacy [3].

Alexander, C., Ishikawa, S., Silverstein, M.: A Pattern Language: Towns, Buildings, Construction. Oxford University Press, Oxford (1977)

Backes, M., Datta, A., Kate, A.: Asynchronous computational VSS with reduced communication complexity. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 259–276. Springer, Heidelberg (2013). http://dx.doi.org/10.1007/978-3-642-36095-4_17 CrossRef

Brzuska, C., Pöhls, H.C., Samelin, K.: Non-interactive public accountability for sanitizable signatures. In: De Capitani di Vimercati, S., Mitchell, C. (eds.) EuroPKI 2012. LNCS, vol. 7868, pp. 178–193. Springer, Heidelberg (2013). http://dx.doi.org/10.1007/978-3-642-40012-4_12 CrossRef

Buchmann, J., Demirel, D., Happe, A., Krenn, S., Lorünser, T., Traverso, G.: PRISMACLOUD D4.1: secret sharing protocols for various adversary models (2015). www.prismacloud.eu. H2020 project PRISMACLOUD deliverable

Camenisch, J., Herreweghen, E.V.: Design and implementation of the idemix anonymous credential system. In: ACM CCS, pp. 21–30. ACM (2002). http://doi.acm.org/10.1145/586110.586114

Danezis, G., Domingo-Ferrer, J., Hansen, M., Hoepman, J.H., Le Mtayer, D., Tirtea, R., Schiffner, S.: Privacy and data protection by design. Technical report, European Union Agency for Network and Information Security (ENISA) (2015)

Doty, N., Gupta, M.: Privacy design patterns and anti-patterns. In: Workshop “A Turn for the Worse: Trustbusters for User Interfaces Workshop” at SOUPS 2013 Newcastle, UK (2013)

ENISA European Union Agency for Network and Information Security: Cloud computing repository. http://www.enisa.europa.eu/activities/Resilience-and-CIIP/cloud-computing. 31 Mar 2015

ENISA European Union Agency for Network and Information Security: Cloud computing; Benefits, risks and recommendations for information security; Rev. B., December 2012. https://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment/at_download/fullReport. 1 Mar 2016

10.

European Commission: Establishing Horizon 2020 - The Framework Programme for Research and Innovation (2012). http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52011PC0809:EN:NOT. 1 June 2016

11.

European Commission: European Cloud Computing Strategy “Unleashing the Potential of Cloud Computing in Europe” (2012). http://ec.europa.eu/digital-agenda/en/european-cloud-computing-strategy. 31 Mar 2015

12.

European Commission: Technology readiness levels (TRL) (2014). http://ec.europa.eu/research/participants/data/ref/h2020/wp/2014_2015/annexes/h2020-wp.1415-annex-g-trl_en.pdf. 1 June 2016

13.

Forbes magazine: Roundup of cloud computing forecasts and market estimates Q3 update (2015). http://www.forbes.com/sites/louiscolumbus/2015/09/27/roundup-of-cloud-computing-forecasts-and-market-estimates-q3-update-2015/#35e2a3576c7a. 1 Mar 2016

14.

Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design Patterns: Elements of Reusable Object-Oriented Software. Addison-Wesley, Boston (1994). ISBN: 0-201-63361-2

15.

Hafiz, M.: A collection of privacy design patterns. In: Proceedings of the 2006 Conference on Pattern Languages of Programs, PLoP 2006, pp. 7:1–7:13. ACM, New York (2006). http://doi.acm.org/10.1145/1415472.1415481

16.

Lorünser, T., Länger, T., Slamanig, D.: Cloud security and privacy by design. In: Katsikas, K.S., Sideridis, B.A. (eds.) E-Democracy 2015. CCIS, vol. 570, pp. 202–206. Springer, Heidelberg (2015). http://dx.doi.org/10.1007/978-3-319-27164-4_16 CrossRef

17.

Lorünser, T., et al.: Towards a new paradigm for privacy and security in cloud services. In: Cleary, F., Felici, M. (eds.) CSP Forum 2015. CCIS, vol. 530, pp. 14–25. Springer, Heidelberg (2015). doi:10.1007/978-3-319-25360-2_2 CrossRef

18.

Lorünser, T., Slamanig, D., Länger, T., Pöhls, H.C.: PRISMACLOUD tools: a cryptographic toolbox for increasing security in cloud services. In: Proceedings of the International Conference on Availability, Reliability and Security (ARES 2016). IEEE (2016) (to be published Sept 2016)

19.

Miyazaki, K., Hanaoka, G., Imai, H.: Digitally signed document sanitizing scheme based on bilinear maps. In: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2006, pp. 343–354. ACM, New York (2006). http://doi.acm.org/10.1145/1128817.1128868

20.

Müller-Quade, J., Unruh, D.: Long-term security and universal composability. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 41–60. Springer, Heidelberg (2007). http://dx.doi.org/10.1007/978-3-540-70936-7_3 CrossRef

21.

Pöhls, H.C., Höhne, F.: The role of data integrity in EU digital signature legislation — achieving statutory trust for sanitizable signature schemes. In: Meadows, C., Fernandez-Gago, C. (eds.) STM 2011. LNCS, vol. 7170, pp. 175–192. Springer, Heidelberg (2012)CrossRef

22.

Pöhls, H.C., Samelin, K.: On updatable redactable signatures. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 457–475. Springer, Heidelberg (2014)

23.

PRWeb: A Cloud Computing Forecast Summary for 2013–2017 from IDC, Gartner and KPMG, citing a study by Accenture (2013). http://www.prweb.com/releases/2013/11/prweb11341594.htm. 31 Mar 2015

24.

RightScale Inc.: State of the Cloud Report (2015). http://assets.rightscale.com/uploads/pdfs/RightScale-2015-State-of-the-Cloud-Report.pdf. 31 Mar 2015

25.

Schumacher, M., Fernandez-Buglioni, E., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns - Integrating Security and Systems Engineering. Wiley, West Sussex (2006)

26.

Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979). http://doi.acm.org/10.1145/359168.359176 MathSciNetCrossRefMATH

27.

The Economist Intelligence Unit: Mapping the cloud maturity curve, May 2015. http://www.economistinsights.com/analysis/mapping-cloud-maturity-curve. 31 Mar 2015

28.

Transparency Market Research: Cloud Computing Services Market - Global Industry Size, Share, Trends, Analysis and Forecasts 2012–2018 (2012). http://www.transparencymarketresearch.com/cloud-computing-services-market.html. 31 Mar 2015

29.

Van Geelkerken, F., Pöhls, H.C., Fischer-Hübner, S.: The legal status of malleable- and functional signatures in light of Regulation (EU) No. 910/2014. In: Proceedings of 3rd International Academic Conference of Young Scientists on Law & Psychology 2015 (LPS 2015), pp. 404–410. L’viv Polytechnic Publishing House, November 2015. https://drive.google.com/file/d/0B-Yu3Ni9z3PXM2lBajhCXzhoWk0/view

Titel: Selected Cloud Security Patterns to Improve End User Security and Privacy in Public Clouds
verfasst von: Thomas Länger
Henrich C. Pöhls
Solange Ghernaouti
Verlag: Springer International Publishing
Buch: Privacy Technologies and Policy
Print ISBN: 978-3-319-44759-9

Electronic ISBN: 978-3-319-44760-5

Copyright-Jahr: 2016
DOI: https://doi.org/10.1007/978-3-319-44760-5_8

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner