Sealed computation: a mechanism to support privacy-aware trustworthy cloud service

Lamya Abdullah (Department of Computer Science, University of Erlangen-Nuremberg, Erlangen, Germany and Department of Research and Development, Uniscon GmbH, München, Germany)
Juan Quintero (Department of Computer Science, University of Erlangen-Nuremberg, Erlangen, Germany and Department of Research and Development, Uniscon GmbH, München, Germany)

Information & Computer Security

ISSN: 2056-4961

Publication date: 7 June 2019

Abstract

Purpose

The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is data privacy; hence, the confidentiality and integrity of data processing needs to be protected. In the common scenarios of cloud computing today, this can only be achieved by assuming that the remote party does not in any form act maliciously.

Design/methodology/approach

An approach that avoids having to trust a single entity is proposed. This approach is based on two concepts: the technical abstraction of sealed computation, i.e. a technical mechanism to confine a privacy-aware processing of data within a tamper-proof hardware container, and the role of an auditing party that itself cannot add functionality to the system but is able to check whether the system (including the mechanism for sealed computation) works as expected.

Findings

Discussion and analysis of the abstract, technical and procedural requirements of these concepts and how they can be applied in practice are explained.

Originality/value

A preliminary version of this paper was published in the proceedings of the second International Workshop on SECurity and Privacy Requirements Engineering (SECPRE, 2018).

Keywords

Citation

Lamya Abdullah and Juan Quintero (2019) "Sealed computation: a mechanism to support privacy-aware trustworthy cloud service", Information & Computer Security, Vol. ahead-of-print No. ahead-of-print

Download as .RIS

DOI

: https://doi.org/10.1108/ICS-11-2018-0133

Publisher

:

Emerald Publishing Limited

Copyright © 2019, Emerald Publishing Limited

Please note you might not have access to this content

You may be able to access this content by login via Shibboleth, Open Athens or with your Emerald account.
If you would like to contact us about accessing this content, click the button and fill out the form.