D5.8 Overview of verifiable computing techniques providing private and public verification

Contributing Partners

TUDA, TUGRAZ

Executive Summary

Cloud computing is an increasing trend within IT outsourcing that allows vendors to offer traditional IT facilities, such as storage and/or computational systems, via the Internet. Clearly, such a business model brings many bene fits and often allows customers to increase effiency, flexibility and/or cost efficiency. However, cloud computing also raises many (novel) security and privacy related issues. This is mainly due to the fact that cloud providers who store and process data of their tenants cannot be considered fully trustworthy or immune to attacks. Thus, a very important and relevant research question is how one can outsource data and computations to a non-trusted third party such that this party can process the data and at the same time provide guarantees that integrity and confi dentiality has been preserved. This question lead to a new and interesting research field called veri able computing.
Within PRISMACLOUD, we (among others) aim at developing tools that counter problems related to integrity, authenticity, and confi dentiality in the context of cloud computing. In the fi eld of verifi able computing, many solutions for different types of computations, e.g., described by a subset of some programming language like C, using various different approaches have been presented in recent years. Nevertheless, all existing solutions come with several trade-offs and so far it is not clear if there is a comprehensive solution that provides both the security and privacy level needed for sensitive data and the flexibility and efficiency to be used in practice. One example for such sensitive data are health and medical data of individuals as encountered within the PRISMACLOUD eHealth use-case.
Thus, the main purpose of this deliverable (D5.8) is to present the state-of-the-art in veri fiable computing and to analyze to what extent the constructions provide security, privacy, and effiency. This allows identifying which approaches are the most promising candidates to be adapted and potentially improved for our use cases and integrated in the toolbox developed within PRISMACLOUD.

Full Version 

Download the full version [PDF]