Abstract
In public clouds, where data are provided to an infrastructure hosted outside the user’s premises, privacy issues come to the forefront. The right to act without observation becomes even more important in Desktop-as-a-Service (DaaS) environments. This paper describes the design, implementation and preliminary experimental evaluation of a progressive privacy solution for a DaaS system. Progressive privacy is a privacy-preserving model that a user can configure (possibly on demand) not only quantitatively but also qualitatively, i.e., the user can choose what type of information must be preserved and to what extent, according to her/his desired privacy profiles. To this end, a lightweight client-side proxy named Hedge Proxy has been designed so that non-intelligible user contents and non-traceable user actions are guaranteed by enabling homomorphic encryption, oblivious transfer and query obfuscation schemes in the proxy. The paper also proposes an implementation and evaluation of the Hedge Proxy based on a specific DaaS environment developed at the University of Rome, called Virtual Distro Dispatcher (VDD). Preliminary results of this evaluation are presented; they aim at assessing the performance experienced by VDD users against the progressive privacy achievements that can be obtained. As expected, the performance perceived by the client when using VDD decreases considerably as the level of privacy protection is raised (e.g., using large encryption key sizes, high obfuscation density). Nevertheless, experiments show that for light encrypted data streams the system can reach a fair level of privacy with small keys without significantly deteriorating the performance experienced by users.
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lamanna, D.D., Lodi, G., Baldoni, R. (2012). How Not to Be Seen in the Cloud: A Progressive Privacy Solution for Desktop-as-a-Service. In: Meersman, R., et al. On the Move to Meaningful Internet Systems: OTM 2012. OTM 2012. Lecture Notes in Computer Science, vol 7566. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33615-7_4
DOI: https://doi.org/10.1007/978-3-642-33615-7_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33614-0
Online ISBN: 978-3-642-33615-7
eBook Packages: Computer Science (R0)