
Enhancing privacy in cloud computing via policy-based obfuscation

The Journal of Supercomputing

Abstract

In this paper, we describe a privacy manager for cloud computing that controls policy-based obfuscation and de-obfuscation of personal, sensitive, or confidential data within cloud service provision. By these means, cloud computing users may reduce the risk of their private data being stolen or misused, and cloud computing providers may be assisted in conforming to privacy law. We describe different possible architectures for such privacy management in cloud computing, give an algebraic description of the obfuscation features provided by the privacy manager, and describe how policies may be defined to control such obfuscation. Furthermore, we assess the performance and scalability of this approach and consider mechanisms to enhance usability. Several examples of how the privacy manager might be used are given, including protection of private metadata associated with online photos and of confidential information contained within share portfolios.
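The abstract describes a client-side privacy manager that obfuscates fields of a record according to a policy before the record reaches the cloud provider, and de-obfuscates them for the data owner. The following is an added illustration written for this page; it is not the paper's own code or its algebraic formalism, and the policy vocabulary (`keep`, `encrypt`, `pseudonymize`), the field names, the sample photo metadata and the HMAC-based keystream construction are all assumptions made here. It shows the two obfuscation flavours a practitioner would expect: a reversible one whose key never leaves the client, and a one-way keyed pseudonym that still allows the provider to group or search on the field.

```python
import base64
import hashlib
import hmac
import os

# Constructed sample: photo metadata as a client might upload it to a cloud photo service.
SAMPLE_PHOTO_METADATA = {
    "filename": "IMG_0042.jpg",
    "camera": "ExampleCam X1",
    "gps_lat": "51.5007",
    "gps_lon": "-0.1246",
    "owner_email": "alice@example.org",
}

# Constructed policy (assumed action names, not the paper's):
#   keep         - the field is sent to the provider unchanged
#   encrypt      - reversible obfuscation; only the client, which holds the key, can undo it
#   pseudonymize - one-way keyed hash; stable across uploads so the provider can group on it
PHOTO_POLICY = {
    "filename": "keep",
    "camera": "keep",
    "gps_lat": "encrypt",
    "gps_lon": "encrypt",
    "owner_email": "pseudonymize",
}


def _subkey(key, label):
    # Domain-separated subkeys so the encryption and pseudonym functions never share a key.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode as a PRF keystream (the standard library has no AES).
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _encrypt_field(key, plaintext):
    nonce = os.urandom(16)
    pt = plaintext.encode("utf-8")
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    # Encrypt-then-MAC: a ciphertext altered by the provider is rejected on de-obfuscation.
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return "enc:" + base64.b64encode(nonce + ct + tag).decode("ascii")


def _decrypt_field(key, token):
    if not token.startswith("enc:"):
        raise ValueError("not an obfuscated field")
    blob = base64.b64decode(token[4:])
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))).decode("utf-8")


def _pseudonymize_field(key, plaintext):
    digest = hmac.new(key, plaintext.encode("utf-8"), hashlib.sha256).hexdigest()
    return "pseudo:" + digest[:32]


def obfuscate(record, policy, key):
    """Apply the policy field by field; a field with no policy is refused, never leaked."""
    enc_key, pseudo_key = _subkey(key, b"encrypt"), _subkey(key, b"pseudonymize")
    out = {}
    for field, value in record.items():
        action = policy.get(field)
        if action == "keep":
            out[field] = value
        elif action == "encrypt":
            out[field] = _encrypt_field(enc_key, value)
        elif action == "pseudonymize":
            out[field] = _pseudonymize_field(pseudo_key, value)
        else:
            raise ValueError(f"no policy for field {field!r}")
    return out


def deobfuscate(record, policy, key):
    """Undo the reversible fields; pseudonymized fields stay pseudonymous by design."""
    enc_key = _subkey(key, b"encrypt")
    return {
        field: _decrypt_field(enc_key, value) if policy.get(field) == "encrypt" else value
        for field, value in record.items()
    }


if __name__ == "__main__":
    client_key = os.urandom(32)  # stays on the client; the provider never sees it
    cloud_view = obfuscate(SAMPLE_PHOTO_METADATA, PHOTO_POLICY, client_key)
    print("provider stores:", cloud_view)
    print("client recovers:", deobfuscate(cloud_view, PHOTO_POLICY, client_key))
```

The design choice worth noting is the default: a field the policy does not mention raises rather than passing through, so a new metadata field added by a camera or library cannot silently reach the provider in clear. The integrity tag on the reversible fields means a record altered in the cloud is detected when the client de-obfuscates it.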


Corresponding author

Correspondence to Siani Pearson.

Cite this article

Mowbray, M., Pearson, S. & Shen, Y. Enhancing privacy in cloud computing via policy-based obfuscation. J Supercomput 61, 267–291 (2012). https://doi.org/10.1007/s11227-010-0425-z
