Contributing Partners

TUDA, TUGRAZ

Executive Summary

Cloud computing is an increasing trend within IT outsourcing that allows vendors to offer traditional IT facilities, such as storage and/or computational systems, via the Internet. Clearly, such a business model brings many benefits and often allows customers to increase effiency, flexibility and/or cost efficiency. However, cloud computing also raises many (novel) security and privacy related issues. This is mainly due to the fact that cloud providers who store and process data of their tenants cannot be considered fully trustworthy or immune to attacks. Thus, a very important and relevant research question is how one can outsource data and computations to a non-trusted third party such that this party can process the data and at the same time provide guarantees that integrity and confidentiality has been preserved. This question lead to a new and interesting research field called veriable computing.
Within PRISMACLOUD, we (among others) aim at developing tools that counter problems related to integrity, authenticity, and confidentiality in the context of cloud computing. In the field of verifiable computing, many solutions for different types of computations, e.g., described by a subset of some programming language like C, using various different approaches have been presented in recent years. Nevertheless, all existing solutions come with several trade-offs and so far it is not clear if there is a comprehensive solution that provides both the security and privacy level needed for sensitive data and the flexibility and efficiency to be used in practice. One example for such sensitive data are health and medical data of individuals as encountered within the PRISMACLOUD eHealth use-case.
Thus, the main purpose of this deliverable (D5.8) is to present the state-of-the-art in verifiable computing and to analyze to what extent the constructions provide security, privacy, and effiency. This allows identifying which approaches are the most promising candidates to be adapted and potentially improved for our use cases and integrated in the toolbox developed within PRISMACLOUD.

Full Version 

Download the full version [PDF]