Zusammenfassung
Durch Cloud-Computing entsteht eine neue Sicherheitsbedrohung: Dem Cloud-Dienstanbieter werden die Daten aller seiner Kunden anvertraut. Dies kann die Nachhaltigkeit bei streng vertraulichen Daten verhindern. Verschlüsselung, oder allgemeiner Kryptographie, kann diesen Konflikt durch kundenseitige Verschlüsselung der zu verarbeitenden Daten lösen. Obwohl diese Lösung theoretisch überzeugend ist, ergibt sich eine Reihe neuer Forschungsfragestellungen bei der Gestaltung betrieblicher Informationssysteme.
Am Beispiel gemeinschaftlichen Benchmarkings werden das Design und die Implementierung einer Cloud-Anwendung beschrieben und evaluiert, die nur mit verschlüsselten Daten arbeitet und dadurch die Vertraulichkeit der Kundendaten gegenüber dem Dienstanbieter gewährleistet. Die Cloud-Anwendung berechnet unternehmensübergreifende Statistiken im Rahmen des Benchmarkings, ohne dabei die einzelnen Kennzahlen offenzulegen.
Benchmarking ist wichtig für Unternehmen, um die Wettbewerbsfähigkeit zu erhalten. So können sie anhand von Statistiken ihre Leistung mit der Konkurrenz vergleichen und gegebenenfalls gezielte Verbesserungsmaßnahmen einleiten.
Abstract
Cloud computing entails a novel security threat: The cloud service provider is entrusted with the data of all its customers. This may not be sustainable for highly confidential data. Encryption, or more generally cryptography, may provide a solution by computing on data encrypted by the customers. While this solution is theoretically appealing, it raises a number of research questions in information system design.
Using the example of collaborative benchmarking the author presents and evaluates an exemplary design and implementation of a cloud application that operates only on encrypted data, thus protecting the confidentiality of the customer’s data against the cloud service provider. The cloud application computes common statistics for benchmarking without disclosing the individual key performance indicators.
Benchmarking is an important process for companies to stay competitive in today’s markets. It allows them to evaluate their performance against the statistics of their peers and implement targeted improvement measures.
This is a preview of subscription content, log in via an institution to check access.
Literatur
Abraham I, Dolev D, Gonen R, Halpern JY (2006) Distributed computing meets game theory: robust mechanisms for rational secret sharing and multiparty computation. In: Proc 25th ACM symposium on principles of distributed computing, S 53–62
Aggarwal G, Mishra N, Pinkas B (2004) Secure computation of the kth-ranked element. In: Proc Eurocrypt, S 40–55
Atallah M, Bykova M, Li J, Frikken K, Topkara M (2004) Private collaborative forecasting and benchmarking. In: Proc ACM workshop on privacy in an electronic society, S 103–114
Ben-David A, Nisan N, Pinkas B (2008) FairPlayMP: a system for secure multi-party computation. In: Proc 15th ACM conference on computer and communications security, S 257–266
Bennett K, Bradley P, Demiriz A (2000) Constrained K-means clustering. Microsoft technical report
Ben-Or M, Goldwasser S, Wigderson A (1988) Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proc 20th ACM symposium on theory of computing, S 1–10
Bogetoft P, Christensen D, Damgard I, Geisler M, Jakobsen T, Kroigaard M, Nielsen J, Nielsen J, Nielsen K, Pagter J, Schwartzbach M, Toft T (2009) Secure multiparty computation goes live. In: Proc 13th international conference on financial cryptography and data security, S 325–343
Bogetoft P, Damgard I, Jakobsen T, Nielsen K, Pagter J, Toft T (2006) A practical implementation of secure auctions based on multiparty integer computation. In: Proc 10th international conference on financial cryptography and data security, S 142–147
Bogetoft P, Nielsen K (2005) Internet based benchmarking. Group Decision and Negotiation 14(3):195–215
Cramer R, Damgard I, Nielsen J (2001) Multiparty computation from threshold homomorphic encryption. In: Proc Eurocrypt, S 280–299
Crotts J, Pan B, Dimitry C (2006) Hospitality performance index: a case study of developing an internet-based competitive analysis and benchmarking tool for hospitality industry. In: Proc conference of travel and tourism research association
Damgard I, Geisler M, Kroigard M (2008) Homomorphic encryption and secure comparison. International Journal of Applied Cryptography 1(1):22–31
Damgard I, Jurik M (2001) A generalisation, a simplification and some applications of pailliers probabilistic public-key system. In: Proc international conference on theory and practice of public-key cryptography, S 119–136
Di Crescenzo G (2000) Private selective payment protocols. In: Proc 4th international conference on financial cryptography and data security, S 72–89
Di Crescenzo G (2001) Privacy for the stock market. In: Proc 5th international conference on financial cryptography and data security, S 269–288
Eurich M, Oertel N, Boutellier R (2010) The impact of perceived privacy risks on organizations’ willingness to share item-level event data across the supply chain. Electronic Commerce Research 10(3–4):423–440
Fischlin M (2001) A cost-effective pay-per-multiplication comparison method for millionaires. In: Proc RSA security cryptographer’s track, S 457–471
Gentry C (2009) Fully homomorphic encryption using ideal lattices. In: Proc 41st ACM symposium on theory of computing, S 169–178
Goldreich O (2002) Secure multi-party computation. http://www.wisdom.weizmann.ac.il/~oded/pp.html. Abruf am 2011-02-07
Goldreich O, Micali S, Wigderson A (1987) How to play any mental game. In: Proc 19th ACM symposium on theory of computing, S 218–229
Halpern J, Teague V (2004) Rational secret sharing and multiparty computation: extended abstract. In: Proc 36th ACM symposium on theory of computing, S 623–632
Kerschbaum F (2007) Building a privacy-preserving benchmarking enterprise system. In: Proc 11th IEEE international EDOC conference, S 87–96
Kerschbaum F (2008) Practical privacy-preserving benchmarking. In: Proc 23rd IFIP international information security conference, S 17–31
Kerschbaum F (2009) Adapting privacy-preserving computation to the service provider model. In: Proc 1st IEEE international conference on privacy, security, risk and trust, S 34–41
Kerschbaum F (2010) A privacy-preserving benchmarking platform. Dissertation. Karlsruhe Institute of Technology
Kerschbaum F, Dahlmeier D, Schröpfer A, Biswas D (2009) On the practical importance of communication complexity for secure multi-party computation protocols. In: Proc 24th ACM symposium on applied computing, S 2008–2015
Kerschbaum F, Terzidis O (2006) Filtering for private collaborative benchmarking. In: Proc international conference on emerging trends in information and communication security, S 409–422
Li J, Atallah M (2006) secure and private collaborative linear programming. In: Proc 2nd international conference on collaborative computing, S 1–8
Malkhi D, Nisan N, Pinkas B, Sella Y (2004) Fairplay—a secure two-party computation system. In: Proc USENIX security symposium, S 287–302
Paillier P (1999) Public-key cryptosystems based on composite degree residuosity classes. In: Proc Eurocrypt, S 223–238
Rizzo L (1997) Dummynet: a simple approach to the evaluation of network protocols. ACM Computer Communication Review 27(1):31–41
Sakuma J, Kobayashi S (2007) A genetic algorithm for privacy preserving combinatorial optimization. In: Proc conference on genetic and evolutionary computation, S 1372–1379
Sander T, Young A, Yung M (1999) Non-interactive crypto-computing for NC1. In: Proc 40th IEEE symposium on foundations of computer science, S 554–567
ShareMind (2010) http://research.cyber.ee/sharemind/. Abruf am 2011-02-07
Shoham Y, Tennenholtz M (2005) Non-cooperative computation: boolean functions with correctness and exclusivity. Theoretical Computer Science 343(1–2):97–113
Toft T (2009) Solving linear programs using multiparty computation. In: Proc 13th international conference on financial cryptography and data security, S 90–107
VIFF (2010) http://www.viff.dk/. Abruf am 2011-02-07
Yao A (1986) How to generate and exchange secrets. In: Proc 27th IEEE symposium on foundations of computer science, S 162–167
Author information
Authors and Affiliations
Corresponding author
Additional information
Angenommen nach drei Überarbeitungen durch Prof. Dr. Müller.
This article is also available in English via http://www.springerlink.com and http://www.bise-journal.org: Kerschbaum F (2011) Secure and Sustainable Benchmarking in Clouds. A Multi-Party Cloud Application with an Untrusted Service Provider. Bus Inf Syst Eng. doi: 10.1007/s12599-011-0153-9.
Rights and permissions
About this article
Cite this article
Kerschbaum, F. Sicheres und nachhaltiges Benchmarking in der Cloud. WIRTSCHAFTSINFORMATIK 53, 129–138 (2011). https://doi.org/10.1007/s11576-011-0267-1
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11576-011-0267-1
Schlüsselwörter
- Cloud-computing
- Verschlüsselung
- Kryptographie
- Homomorphe Verschlüsselung
- Sichere Mehrparteienberechnungen
- Benchmarking
- Gemeinschaftliche Geschäftsanwendungen