Provable and Practical Security for Database Outsourcing

In this work, we provide formal notions for different privacy goals of data outsourcing and establish their relations. Furthermore, as a main contribution, we provide a meaningful security notion for database outsourcing and a practical scheme fulfilling this notion as well as implementations that demonstrate the viability. We prove the security of our scheme in a formal model and provide extensions an optimisations for performance as well as for security

PaaSword: A Data Privacy and Context-aware Security Framework for Developing Secure Cloud Applications - Technical and Scientific Contributions

Most industries worldwide have entered a period of reaping the benefits and opportunities cloud offers. At the same time, many efforts are made to address engineering challenges for the secure development of cloud systems and software.With the majority of software engineering projects today relying on the cloud, the task to structure end-to-end secure-by-design cloud systems becomes challenging but at the same time mandatory. The PaaSword project has been commissioned to address security and data privacy in a holistic way by proposing a context-aware security-by-design framework to support software developers in constructing secure applications for the cloud. This chapter presents an overview of the PaaSword project results, including the scientific achievements as well as the description of the technical solution. The benefits offered by the framework are validated through two pilot implementations and conclusions are drawn based on the future research challenges which are discussed in a research agenda