UNTRACEABLE ANONYMOUS SERVICE CONSUMPTION IN SaaS
Vinícius Pacheco, Ricardo Puttini
2012
Abstract
Several cloud computing providers are emerging to provide web services that encapsulate common business logic in the cloud. However, these Software as a Service (SaaS) offers are currently based in trust relationships between cloud consumers and providers. Consumer must trust the provider not to disclose sensitive data exchanged during service provision, as such leak can compromise consumer’s privacy and threaten its business. In this paper, we propose a privacy enhancing framework to protect consumer information privacy against excessive exposure to cloud computing providers. Our design is essentially based on anonymity technology, as conventional encryption and authentication security mechanisms do not supply enough protection to consumer’s privacy; particularly, when the provider itself is considered a threat. The design consists in a multi-layered framework, where different anonymity techniques are employed together to protect the privacy of different types of consumer information, during both administrative (e.g., legal contracting and financial transactions) and technical (e.g., message exchanges) interactions. We also describe a complete connection anonymity SaaS service consumption scheme based on e-cash as the main tool for generating and managing anonymous credentials in the cloud.
References
- Beresford, A., Stajano, F., 2003. Location Privacy in Pervasive Computing. In IEEE Pervasive Computing journal, Volume 2 Issue 1.
- Camenisch, J., Hohenberger, S., Lysyanskaya, A., 2005. Compact E-Cash. In Lecture Note on Computer Science, Eurocrypt 2005, pages 302-321, Springer Verlag.
- Chaum, D., 1981. Untraceable electronic mail, return addresses, and digital pseudonyms. In Communications of the ACM, Volume 24, Number 2.
- Chaum, D., 1982. Blind signatures for untraceable payments. In David Chaum, Ronald L. Rivest, and Alan T. Sherman, editors, Advances in Cryptology - CRYPTO 7882, pages 199- 203.
- Clarke, R., 1997. Introduction to Dataveillance and Information Privacy, and Definitions of Terms. In http://www.rogerclarke.com/DV/Intro.html.
- Díaz, C., Seys, S., Claessens, J., Preneel, B., 2002. Towards measuring anonymity. In Proceedings of the 2nd international conference on Privacy enhancing technologies.
- Dingledine, R., Mathewson, N., Syverson, P., 2004. Tor: The second-generation onion router. In Proceedings of the 13th USENIX Security Symposium.
- Okamoto, T., Ohta, K., 1992. Universal Electronic Cash, 1992. In Advances in Cryptology - Crypto 7891, page 324-325, Springer-Verlag.
- Pacheco, V., Puttini, R., 2011. SaaS Anonymity Framework. Manuscript.
Paper Citation
in Harvard Style
Pacheco V. and Puttini R. (2012). UNTRACEABLE ANONYMOUS SERVICE CONSUMPTION IN SaaS . In Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-8565-05-1, pages 96-101. DOI: 10.5220/0003930700960101
in Bibtex Style
@conference{closer12,
author={Vinícius Pacheco and Ricardo Puttini},
title={UNTRACEABLE ANONYMOUS SERVICE CONSUMPTION IN SaaS},
booktitle={Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2012},
pages={96-101},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003930700960101},
isbn={978-989-8565-05-1},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - UNTRACEABLE ANONYMOUS SERVICE CONSUMPTION IN SaaS
SN - 978-989-8565-05-1
AU - Pacheco V.
AU - Puttini R.
PY - 2012
SP - 96
EP - 101
DO - 10.5220/0003930700960101