Authors:
Vinícius Pacheco
and
Ricardo Puttini
Affiliation:
University of Brasília - UnB, Brazil
Keyword(s):
Cloud Computing, Software as a Service, Privacy, Multi-layer Security, Anonymity, Untraceable Communication, E-cash.
Related
Ontology
Subjects/Areas/Topics:
Cloud Computing
;
Cloud Computing Architecture
;
Collaboration and e-Services
;
Data Engineering
;
e-Business
;
Enterprise Information Systems
;
Fundamentals
;
Mobile Software and Services
;
Ontologies and the Semantic Web
;
Services Science
;
Software Agents and Internet Computing
;
Software Engineering
;
Software Engineering Methods and Techniques
;
Telecommunications
;
Web Services
;
Wireless Information Networks and Systems
Abstract:
Several cloud computing providers are emerging to provide web services that encapsulate common business logic in the cloud. However, these Software as a Service (SaaS) offers are currently based in trust relationships between cloud consumers and providers. Consumer must trust the provider not to disclose sensitive data exchanged during service provision, as such leak can compromise consumer’s privacy and threaten its business. In this paper, we propose a privacy enhancing framework to protect consumer information privacy against excessive exposure to cloud computing providers. Our design is essentially based on anonymity technology, as conventional encryption and authentication security mechanisms do not supply enough protection to consumer’s privacy; particularly, when the provider itself is considered a threat. The design consists in a multi-layered framework, where different anonymity techniques are employed together to protect the privacy of different types of consumer informatio
n, during both administrative (e.g., legal contracting and financial transactions) and technical (e.g., message exchanges) interactions. We also describe a complete connection anonymity SaaS service consumption scheme based on e-cash as the main tool for generating and managing anonymous credentials in the cloud.
(More)