Selected Cloud Security Patterns to Improve End User Security and Privacy in Public Clouds
Thomas Länger (University of Lausanne), Henrich C. Pöhls (Institute of IT-Security and Security Law, University of Passau), Solange Ghernaouti (University of Lausanne)
Cloud computing has the potential to dramatically reduce the cost and complexity of provisioning information technology resources for end users. However, to make it secure and privacy-preserving for end users, additional technical safeguards must be added—the application of strong cryptography is such a safeguard. The Horizon 2020 project PRISMACLOUD surveys and advances several cryptographic protocols and primitives usable to cryptographically address common cloud security and privacy issues. The cryptographic functionality will entirely be encapsulated in five configurable tools, from which cloud services providing end-to-end security can be constructed. This approach relieves cloud service designers from dealing with the complex and error prone correct application of cryptographic functionality and shall spark the emergence of a multitude of privacy and security preserving cloud applications for the benefit of the end-users—who will no longer have to rely on contractual and legal instruments for ensuring, that privacy and security is enforced by cloud providers on their behalf. In order to support the privacy-by-design development of the tools, we developed several cloud security patterns for common critical situations in the cloud—in the three fields of data storage in the cloud, user privacy protection and data minimisation, and authentication of stored and processed data.
4th Annual Privacy Forum APF 2016
Place and Date
Frankfurt, Germany, September 7-8, 2016
Länger, T., Pöhls, H. C., Ghernaouti, S: "Selected Cloud Security Patterns to Improve End User Security and Privacy in Public Clouds"; in: Privacy Technologies and Policy, Proceedings of the 4th Annual Privacy Forum APF 2016, Springer LNCS, ISBN 978-3-319-44759-9