Abstract
Cloud computing is an emerging paradigm whose importance both in large and small business is more and more increasing. As one of the reasons motivating the adoption of cloud computing solutions is to alleviate the load of companies related to the solution of security and disaster recovery issues, security is one of the main features to fulfill in a cloud computing system. Moreover, a number of new security and privacy problems arise, such as threats to user’s privacy due to the realistic possibility of having honest-but-curious cloud providers. In this scenario, we propose an authentication scheme supporting full anonymity of users and unlinkability of service requests. This is done by combining a multi-party cryptographic protocol with the use of a cooperative P2P-based approach to access services in the cloud. As the solution is thought to be adopted in e-government scenarios, accountability of user accesses is always preserved, to prevent misuse and illegal actions of users.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Electronic identification and trust services (eIDAS): regulatory environment and beyond (2015). http://ec.europa.eu/dgs/connect/en/content/electronic-identification-and-trust-services-eidas-regulatory-environment-and-beyond
Boyen, X., Waters, B.: Compact group signatures without random oracles. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 427–444. Springer, Heidelberg (2006)
Buccafurri, F., Lax, G.: TLS: a tree-based DHT lookup service for highly dynamic networks. In: Meersman, R. (ed.) OTM 2004. LNCS, vol. 3290, pp. 563–580. Springer, Heidelberg (2004)
Buccafurri, F., Lax, G., Nicolazzo, S., Nocera, A.: A privacy-preserving solution for tracking people in critical environments. In: Proceedings of the International Workshop on Computers, Software and Applications (COMPSAC 2014), pp. 146–151. IEEE Computer Society, V\(\ddot{a}\)ster\(\dot{a}\)s (2014)
Buccafurri, F., Lax, G., Nicolazzo, S., Nocera, A.: A model to support multi-social-network applications. In: Meersman, R., Panetto, H., Dillon, T., Missikoff, M., Liu, L., Pastor, O., Cuzzocrea, A., Sellis, T. (eds.) OTM 2014. LNCS, vol. 8841, pp. 639–656. Springer, Heidelberg (2014)
Buccafurri, F., Lax, G., Nicolazzo, S., Nocera, A.: Comparing twitter and facebook user behavior: privacy and other aspects. Comput. Hum. Behav. 52, 87–95 (2015)
Buccafurri, F., Lax, G., Nicolazzo, S., Nocera, A., Ursino, D.: Driving global team formation in social networks to obtain diversity. In: Casteleyn, S., Rossi, G., Winckler, M. (eds.) ICWE 2014. LNCS, vol. 8541, pp. 410–419. Springer, Heidelberg (2014)
Buccafurri, F., Lax, G., Nocera, A., Ursino, D.: Moving from social networks to social internetworking scenarios: the crawling perspective. Inf. Sci. 256, 126–137 (2014)
Buccafurri, F., Lax, G., Nocera, A., Ursino, D.: Discovering missing me edges across social networks. Inf. Sci. 319, 18–37 (2015)
Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)
Chen, Y., Sion, R.: On securing untrusted clouds with cryptography. In: Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society, pp. 109–114. ACM (2010)
Chow, S.S.M., He, Y.-J., Hui, L.C.K., Yiu, S.M.: SPICE – simple privacy-preserving identity-management for cloud environment. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 526–543. Springer, Heidelberg (2012)
Clarke, I., Sandberg, O., Wiley, B., Hong, T.W.: Freenet: a distributed anonymous information storage and retrieval system. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 46–66. Springer, Heidelberg (2001)
Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. Technical report, DTIC Document (2004)
Dwork, C.: Differential privacy: a survey of results. In: Agrawal, M., Du, D.-Z., Duan, Z., Li, A. (eds.) TAMC 2008. LNCS, vol. 4978, pp. 1–19. Springer, Heidelberg (2008)
Jensen, M., Schäge, S., Schwenk, J.: Towards an anonymous access control and accountability scheme for cloud computing (2010)
Khan, S.M., Hamlen, K.W.: Anonymouscloud: a data ownership privacy provider framework in cloud computing. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 170–176. IEEE (2012)
Laurikainen, R.: Secure and anonymous communication in the cloud. Aalto University School of Science and Technology, Department of Computer Science and Engineering, Technical report TKK-CSE-B10 (2010)
Malina, L., Hajny, J.: Efficient security solution for privacy-preserving cloud services. In: 2013 36th International Conference on Telecommunications and Signal Processing (TSP), pp. 23–27. IEEE (2013)
Mowbray, M., Pearson, S.: A client-based privacy manager for cloud computing. In: Proceedings of the Fourth International ICST Conference on Communication System Software and Middleware, p. 5. ACM (2009)
Riahla, M.A., Tamine, K., Gaborit, P.: A protocol for file sharing, anonymous and confidential, adapted to p2p networks. In: 2012 6th International Conference on Sciences of Electronics, Technologies of Information and Telecommunications (SETIT), pp. 549–557. IEEE (2012)
Ruj, S., Stojmenovic, M., Nayak, A.: Decentralized access control with anonymous authentication of data stored in clouds. IEEE Trans. Parallel Distrib. Syst. 25(2), 384–394 (2014)
Samarati, P.: Protecting respondents identities in microdata release. IEEE Trans. Knowl. Data Eng. 13(6), 1010–1027 (2001)
Singh, L.V., Bole, A.V., Yadav, S.K.: Security issues of cloud computing-a survey. Int. J. Adv. Res. Comput. Sci. Manag. Stud. 3(1), 43–49 (2015)
Wang, C., Wang, Q., Ren, K., Cao, N., Lou, W.: Toward secure and dependable storage services in cloud computing. IEEE Trans. Serv. Comput. 5(2), 220–232 (2012)
Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: 2010 Proceedings IEEE INFOCOM, pp. 1–9. IEEE (2010)
Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)
Xu, Z., Min, R., Hu, Y.: Hieras: a dht based hierarchical p2p routing algorithm. In: Proceedings. 2003 International Conference on Parallel Processing, pp. 187–194. IEEE (2003)
Acknowledgment
This work has been partially supported by the TENACE PRIN Project (n. 20103P34XC) funded by the Italian Ministry of Education, University and Research and by the Program “Programma Operativo Nazionale Ricerca e Competitività” 2007–2013, Distretto Tecnologico CyberSecurity funded by the Italian Ministry of Education, University and Research.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Buccafurri, F., Lax, G., Nicolazzo, S., Nocera, A. (2015). Accountability-Preserving Anonymous Delivery of Cloud Services. In: Fischer-Hübner, S., Lambrinoudakis, C., López, J. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2015. Lecture Notes in Computer Science(), vol 9264. Springer, Cham. https://doi.org/10.1007/978-3-319-22906-5_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-22906-5_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-22905-8
Online ISBN: 978-3-319-22906-5
eBook Packages: Computer ScienceComputer Science (R0)