iPrivacy: a Distributed Approach to Privacy on the Cloud

The increasing adoption of Cloud storage poses a number of privacy issues. Users wish to preserve full control over their sensitive data and cannot accept that it to be accessible by the remote storage provider. Previous research was made on techniques to protect data stored on untrusted servers; however we argue that the cloud architecture presents a number of open issues. To handle them, we present an approach where confidential data is stored in a highly distributed database, partly located on the cloud and partly on the clients. Data is shared in a secure manner using a simple grant-and-revoke permission of shared data and we have developed a system test implementation, using an in-memory RDBMS with row-level data encryption for fine-grained data access controlComment: 13 pages, International Journal on Advances in Security 2011 vol.4 no 3 & 4. arXiv admin note: substantial text overlap with arXiv:1012.0759, arXiv:1109.355

Ontology-based composition and matching for dynamic cloud service coordination

Recent cross-organisational software service offerings, such as cloud computing, create higher integration needs. In particular, services are combined through brokers and mediators, solutions to allow individual services to collaborate and their interaction to be coordinated are required. The need to address dynamic management - caused by cloud and on-demand environments - can be addressed through service coordination based on ontology-based composition and matching techniques. Our solution to composition and matching utilises a service coordination space that acts as a passive infrastructure for collaboration where users submit requests that are then selected and taken on by providers. We discuss the information models and the coordination principles of such a collaboration environment in terms of an ontology and its underlying description logics. We provide ontology-based solutions for structural composition of descriptions and matching between requested and provided services

Cloud-based Quadratic Optimization with Partially Homomorphic Encryption

The development of large-scale distributed control systems has led to the outsourcing of costly computations to cloud-computing platforms, as well as to concerns about privacy of the collected sensitive data. This paper develops a cloud-based protocol for a quadratic optimization problem involving multiple parties, each holding information it seeks to maintain private. The protocol is based on the projected gradient ascent on the Lagrange dual problem and exploits partially homomorphic encryption and secure multi-party computation techniques. Using formal cryptographic definitions of indistinguishability, the protocol is shown to achieve computational privacy, i.e., there is no computationally efficient algorithm that any involved party can employ to obtain private information beyond what can be inferred from the party's inputs and outputs only. In order to reduce the communication complexity of the proposed protocol, we introduced a variant that achieves this objective at the expense of weaker privacy guarantees. We discuss in detail the computational and communication complexity properties of both algorithms theoretically and also through implementations. We conclude the paper with a discussion on computational privacy and other notions of privacy such as the non-unique retrieval of the private information from the protocol outputs

What role does corporate governance play in the intention to use cloud computing technology?

This paper aims to investigate the factors which promote the adoption of cloud-based technology. It strives for a better understanding of the impact of corporate governance on the adoption of this technology. This study concentrated on executives in companies where the use of cloud computing may give a competitive advantage. The main contribution of this work is to propose a model for the influence of corporate governance and other factors that determine the adoption of this technology. A questionnaire was prepared after taking into consideration the reviewed literature. The sample consisted of 164 technology companies from Southern Spain that already use the new economic models for digital solutions. The methodology used to analyze the structural model was the Structural Equation Model (SEM). The results of the survey showed the influence of Corporate Governance and the procedures and practices of the organization on the adoption of cloud computing and the associated business model. This study aims to point out the importance of corporate support and Knowledge Management for the correct and successful adoption of this technology and to show the effects on the new business model of billing for the use of available resources. View Full-Tex

A Heterogeneous Systems Public Key Encryption with Equality Test in Smart City

Smart cities have been identified as areas which are urbanized and utilize diverse types of electronic data collection sensors that are used to oversee resources and assets efficiently. Smart meters are a unit of smart cities and they collect information about users and their consumption patterns. Consequently, the Internet of Things (IoT) being at a steady evolution has prompted multiple users into having their data collected from smart meters, stored on cloud servers. This is a way of saving costs and time involved in accessing the data. In spite of that, the cloud-assisted IoT faces privacy and security issues. This is as a result of the cloud servers possessing an untrusted nature. Due to this, it is essential for the data accumulated from the smart meters be encrypted hitherto outsourcing it to the cloud server. However, having encrypted data in the cloud server leads to a complication when it comes to accessing the data. For users who are on a different public key system, it becomes illogical for the users to first download the entire data on the cloud in order to access the required data. Therefore to resolve this issue, a heterogeneous systems public key encryption with equality test (HS-PKE-ET) scheme was proposed. The HS-PKE-ET scheme integrates certificateless public cryptography with equality test (CLC-ET) with the public key encryption with equality test (PKI-ET). This scheme allows an authorized cloud server to determine if two encryptions encrypted within heterogeneous systems possess equivalent messages. Basing on the random oracle model, the proposed scheme’s security is stated under the bilinear Diffie-Hellman assumption together with the computational Diffie-Hellman assumption. Ultimately the size of storage, computation complexities and properties with other related works are focused on and illustrations indicate our proposed scheme reflects a good performance