To read the full version of this content please select one of the options below:

Sealed computation: a mechanism to support privacy-aware trustworthy cloud service

Lamya Abdullah (Department of Computer Science, University of Erlangen-Nuremberg, Erlangen, Germany and Department of Research and Development, Uniscon GmbH, München, Germany)
Juan Quintero (Department of Computer Science, University of Erlangen-Nuremberg, Erlangen, Germany and Department of Research and Development, Uniscon GmbH, München, Germany)

Information and Computer Security

ISSN: 2056-4961

Article publication date: 17 June 2019

Issue publication date: 23 October 2019

Downloads
261

Abstract

Purpose

The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is data privacy; hence, the confidentiality and integrity of data processing needs to be protected. In the common scenarios of cloud computing today, this can only be achieved by assuming that the remote party does not in any form act maliciously.

Design/methodology/approach

An approach that avoids having to trust a single entity is proposed. This approach is based on two concepts: the technical abstraction of sealed computation, i.e. a technical mechanism to confine a privacy-aware processing of data within a tamper-proof hardware container, and the role of an auditing party that itself cannot add functionality to the system but is able to check whether the system (including the mechanism for sealed computation) works as expected.

Findings

Discussion and analysis of the abstract, technical and procedural requirements of these concepts and how they can be applied in practice are explained.

Originality/value

A preliminary version of this paper was published in the proceedings of the second International Workshop on SECurity and Privacy Requirements Engineering (SECPRE, 2018).

Keywords

Acknowledgements

The authors would like to thank Felix Freiling for his comments and suggestions on previous versions of this article and Zinaida Benenson for her collaboration on the previous version of this work published at SECPRE 2018 (Abdullah et al. (2018)). The authors would also like to thank Nico Döttling, Johannes Götzfried, Tilo Müller and Hubert Jäger for useful comments and discussions.

This research was supported by the “Privacy&Us” Innovative Training Network (EU H2020 MSCA ITN, grant agreement No.675730).

Citation

Abdullah, L. and Quintero, J. (2019), "Sealed computation: a mechanism to support privacy-aware trustworthy cloud service", Information and Computer Security, Vol. 27 No. 5, pp. 601-620. https://doi.org/10.1108/ICS-11-2018-0133

Publisher

:

Emerald Publishing Limited

Copyright © 2019, Emerald Publishing Limited