Abstract
Cloud computing entails a novel security threat: The cloud service provider is entrusted with the data of all its customers. This may not be sustainable for highly confidential data. Encryption, or more generally cryptography, may provide a solution by computing on data encrypted by the customers. While this solution is theoretically appealing, it raises a number of research questions in information system design.
Using the example of collaborative benchmarking, the author presents and evaluates an exemplary design and implementation of a cloud application that operates only on encrypted data, thus protecting the confidentiality of the customer’s data against the cloud service provider. The cloud application computes common statistics for benchmarking without disclosing the individual key performance indicators.
Benchmarking is an important process for companies to stay competitive in today’s markets. It allows them to evaluate their performance against the statistics of their peers and implement targeted improvement measures.
Additional information
Accepted after three revisions by Prof. Dr. Müller.
This article is also available in German in print and via http://www.wirtschaftsinformatik.de: Kerschbaum F (2011) Sicheres und nachhaltiges Benchmarking in der Cloud. Eine Mehrparteien-Cloud-Anwendung ohne vertrauenswürdigen Dienstanbieter. WIRTSCHAFTSINFORMATIK. doi: 10.1007/s11576-011-0267-1.
Cite this article
Kerschbaum, F. Secure and Sustainable Benchmarking in Clouds. Bus Inf Syst Eng 3, 135–143 (2011). https://doi.org/10.1007/s12599-011-0153-9
DOI: https://doi.org/10.1007/s12599-011-0153-9