SlideShare a Scribd company logo

Cloud Security Patterns for Improving Privacy

PRISMACLOUD Project
PRISMACLOUD Project

Thomas Länger (University of Lausanne) presented "Selected Cloud Security Patterns For Improving End User Security and Privacy in Public Clouds" at the 4th Annual Privacy Forum organised by ENISA on 7th - 8th September in Frankfurt, Germany!

Internet
1 of 16
Download to read offline
Selected Cloud Security Patterns For Improving End User Security and Privacy in Public Clouds Annual Privacy Forum 2016, Frankfurt/Main, 7. September 2016 Thomas L¨anger (A) thomas.laenger@unil.ch Henrich C. P¨ohls (B) hp@sec.uni-passau.de Solange Ghernaouti (A) sgh@unil.ch (A) Universit´e de Lausanne; (B) Universit¨at Passau Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 1 / 16
Overview of the Talk Horizon 2020 Project PRISMACLOUD: Relation to current topical “cloud landscape” Project goals and Plans and strategies to reach them Design Patterns and Cloud Security Patterns: What they are How and for what we use patterns in the project Specific patterns corresponding to PRISMACLOUD functionalities Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 2 / 16
Project PRISMACLOUD is part of HORIZON 2020 WORK PROGRAMME 2014–2015: Information and Communication Technologies Calls ICT 32 – 2014: Cybersecurity, Trustworthy ICT; Program Scope: Security-by-design for end-to-end security Cryptography Expected impact new design and implementation paradigms at marginal additional cost provide built-in privacy and security increase user trust and privacy protection; empower user control (and detection) provide more resilience for critical infrastructures Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 3 / 16
Motivation / Intention Cryptography is not widely used in current cloud offerings Use cryptography to address and mitigate several of the most common security threats and privacy threats in current cloud offerings Use a security by design/privacy by design approach and build the cryptography into the heart of the services from the start Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 4 / 16
Methodology Survey existing cryptographic primitives and protocols that can be applied in a cloud context—according to their Technology Readiness Level (TRL) Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 5 / 16
Methodology Select primitives which can probably be advanced to TRL7 (i.e. “system prototype demo in operational environment”) during timeframe of the project; Provide an implementation, as a “kit of configurable tools”, completely encapsulating the cryptographic functions; Provide a reference implementations for sample cloud services using the tools; Validate (services and tools) in three real-world applications in the fields of Smart Cities, e-Health, and e-Government. Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 6 / 16
PRISMACLOUD Architecture Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 7 / 16
Zoom Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 8 / 16
PRISMACLOUD Architecture structures and categorises technical outcomes, improves service development process, provides project context for r&d activities Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 9 / 16
The Project also has a Development Methodology. . . “secure software development lifecycle” “derive requirements, translate requirements, and map to model” from top to bottom “proof security, deploy tool, and extract capabilities” from bottom to top Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 10 / 16
Cloud Security Patterns Cloud security patterns are used for describing typical situations where information security and privacy problems occur—and which cryptographic functionalities can be applied to mitigate these problems. Cloud security patterns are an application of design patterns, which again describe re-usable, proven solutions (with the help of proposed “building blocks”) for recurring problems A design pattern is characterised according to categories, like, name of pattern, context, intention, problem, solution, consequences of their application. Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 11 / 16
Cloud Security Patterns... ...are descriptive rather than normative communicate often conflicting security requirements of different involved parties make people aware of contradictory aspects support a discussion process describe generative solutions to common design contentions support a security by design approach Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 12 / 16
“Re-using” Patterns in PRISMACLOUD 1. In the requirements work package (first project year) we established the first version of generic cloud security patterns: to describe situations where security and privacy problems generally occur we (approximately) intended to cover these situation with particular cryptographic technology 2. Later on, these patterns were used in support of the development of the PRISMACLOUD architecture (beginning project year 2). Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 13 / 16
Use of Patterns in PRISMACLOUD II 3. Currently, we are modifying the design pattern technique itself—we want to abandon the commonly used generic nature of design patterns—and use them for explicitly specifying the capabilities of the proposed services and tools for end users. 4. We also intend to use the “new patterns” for specifying the setting of configuration parameters of the sample services for specific end user requirements (service level agreement–SLA). Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 14 / 16
PRISMACLOUD Patterns - Synopsis Field 1: Data Storage in the Cloud P1: Secure cloud storage by default P2: Moving a legacy application’s database to the cloud Field 2: User Privacy Protection and Data Minimisation P3: Non-identifiable and untrackable use of a cloud service P4: Minimise exposure of private data during authenticat. in the cloud P5: Big data anonymisation Field 3: Authentication of Stored and Processed Data P6: Protect the authenticity of a data set and possible subsets P7: Authorise controlled subsequent modifications of signed data P8: Controlling the correctness of delegated computations P9: Controlling your virtual infrastructures Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 15 / 16
For details on the patterns/secure cloud services/tools refer to: Publication (T. L¨anger et al.) in the APF2016 Proceedings “PRISMACLOUD Tools: A Cryptographic Toolbox for Increasing Security in Cloud Services” (Publication by Lor¨unser, Slamanig, L¨anger, P¨ohls; in: Proceedings of the ARES 2016 conf; to be published on IEEEXPLORE Sept. 2016 please email me – I’ll send you a preprint copy! Project deliverables and pubs on https://prismacloud.eu Thanks for your Attention! thomas.laenger@unil.ch Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 16 / 16

Recommended

7
77
7IMPULSE_TECHNOLOGY
 
Thesis Topics in Communication Engineering
Thesis Topics in Communication EngineeringThesis Topics in Communication Engineering
Thesis Topics in Communication EngineeringPhD Direction
 
Access Control & Encryption In Cloud Environments
Access Control & Encryption In Cloud EnvironmentsAccess Control & Encryption In Cloud Environments
Access Control & Encryption In Cloud EnvironmentsJames Wernicke
 
Session 2: Cloudscape Brazil 2017 & WCN Position Papers: Discussion session
Session 2: Cloudscape Brazil 2017 & WCN Position Papers: Discussion sessionSession 2: Cloudscape Brazil 2017 & WCN Position Papers: Discussion session
Session 2: Cloudscape Brazil 2017 & WCN Position Papers: Discussion sessionEUBrasilCloudFORUM .
 
Cloudsim Projects With Source Code
Cloudsim Projects With Source CodeCloudsim Projects With Source Code
Cloudsim Projects With Source CodePhD Direction
 
Proximity aware local-recoding anonymization with map reduce for scalable big...
Proximity aware local-recoding anonymization with map reduce for scalable big...Proximity aware local-recoding anonymization with map reduce for scalable big...
Proximity aware local-recoding anonymization with map reduce for scalable big...Nexgen Technology
 
PhD Projects in Cybersecurity Research Ideas
PhD Projects in Cybersecurity Research IdeasPhD Projects in Cybersecurity Research Ideas
PhD Projects in Cybersecurity Research IdeasPhD Services
 
PhD Projects in Dependable Secure Computing Research Topics
PhD Projects in Dependable Secure Computing Research TopicsPhD Projects in Dependable Secure Computing Research Topics
PhD Projects in Dependable Secure Computing Research TopicsPhD Services
 

Recommended

7
77
7IMPULSE_TECHNOLOGY
 
Thesis Topics in Communication Engineering
Thesis Topics in Communication EngineeringThesis Topics in Communication Engineering
Thesis Topics in Communication EngineeringPhD Direction
 
Access Control & Encryption In Cloud Environments
Access Control & Encryption In Cloud EnvironmentsAccess Control & Encryption In Cloud Environments
Access Control & Encryption In Cloud EnvironmentsJames Wernicke
 
Session 2: Cloudscape Brazil 2017 & WCN Position Papers: Discussion session
Session 2: Cloudscape Brazil 2017 & WCN Position Papers: Discussion sessionSession 2: Cloudscape Brazil 2017 & WCN Position Papers: Discussion session
Session 2: Cloudscape Brazil 2017 & WCN Position Papers: Discussion sessionEUBrasilCloudFORUM .
 
Cloudsim Projects With Source Code
Cloudsim Projects With Source CodeCloudsim Projects With Source Code
Cloudsim Projects With Source CodePhD Direction
 
Proximity aware local-recoding anonymization with map reduce for scalable big...
Proximity aware local-recoding anonymization with map reduce for scalable big...Proximity aware local-recoding anonymization with map reduce for scalable big...
Proximity aware local-recoding anonymization with map reduce for scalable big...Nexgen Technology
 
PhD Projects in Cybersecurity Research Ideas
PhD Projects in Cybersecurity Research IdeasPhD Projects in Cybersecurity Research Ideas
PhD Projects in Cybersecurity Research IdeasPhD Services
 
PhD Projects in Dependable Secure Computing Research Topics
PhD Projects in Dependable Secure Computing Research TopicsPhD Projects in Dependable Secure Computing Research Topics
PhD Projects in Dependable Secure Computing Research TopicsPhD Services
 
How the Open Source model adapts to the cloud computing environment
How the Open Source model adapts to the cloud computing environmentHow the Open Source model adapts to the cloud computing environment
How the Open Source model adapts to the cloud computing environmentLorenzo Benussi
 
PhD Projects in DSP Research Guidance
PhD Projects in DSP Research GuidancePhD Projects in DSP Research Guidance
PhD Projects in DSP Research GuidancePhD Services
 
23
2323
23Technology_solution
 
Optimum Resource Allocation using Specification Matching and Priority Based M...
Optimum Resource Allocation using Specification Matching and Priority Based M...Optimum Resource Allocation using Specification Matching and Priority Based M...
Optimum Resource Allocation using Specification Matching and Priority Based M...rahulmonikasharma
 
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...Nexgen Technology
 
Collaborative Maintenance of Semantic Networks - Present or Future?
Collaborative Maintenance of Semantic Networks - Present or Future?Collaborative Maintenance of Semantic Networks - Present or Future?
Collaborative Maintenance of Semantic Networks - Present or Future?Alexander Haffner
 
PRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETS
PRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETSPRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETS
PRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETSNexgen Technology
 
K nearest neighbor classification over semantically secure encrypted relation...
K nearest neighbor classification over semantically secure encrypted relation...K nearest neighbor classification over semantically secure encrypted relation...
K nearest neighbor classification over semantically secure encrypted relation...ieeepondy
 
PRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by DesignPRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by DesignPRISMACLOUD Project
 
Dagrep v006-i009-complete 2
Dagrep v006-i009-complete 2Dagrep v006-i009-complete 2
Dagrep v006-i009-complete 2sandeep1721
 
Dagrep v006-i009-complete
Dagrep v006-i009-completeDagrep v006-i009-complete
Dagrep v006-i009-completesandeep1721
 
Research proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comResearch proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comPhD Assistance
 
Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...
Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...
Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...IJERA Editor
 
WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...
WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...
WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...Nobukazu Yoshioka
 
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTIONSECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTIONacijjournal
 
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTIONSECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTIONacijjournal
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...Yiannis Verginadis
 
Threat Modeling of Cloud based Implementation of Homomorphic Encryption
Threat Modeling of Cloud based Implementation of Homomorphic EncryptionThreat Modeling of Cloud based Implementation of Homomorphic Encryption
Threat Modeling of Cloud based Implementation of Homomorphic Encryptionijcisjournal
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword EU Project
 
Andrei Patrascu support letter
Andrei Patrascu support letterAndrei Patrascu support letter
Andrei Patrascu support letterAndrei Patrascu
 
Making secret sharing based cloud storage usable
Making secret sharing based cloud storage usableMaking secret sharing based cloud storage usable
Making secret sharing based cloud storage usableYing wei (Joe) Chou
 
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionCloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionIJERA Editor
 

More Related Content

What's hot

How the Open Source model adapts to the cloud computing environment
How the Open Source model adapts to the cloud computing environmentHow the Open Source model adapts to the cloud computing environment
How the Open Source model adapts to the cloud computing environmentLorenzo Benussi
 
PhD Projects in DSP Research Guidance
PhD Projects in DSP Research GuidancePhD Projects in DSP Research Guidance
PhD Projects in DSP Research GuidancePhD Services
 
Optimum Resource Allocation using Specification Matching and Priority Based M...
Optimum Resource Allocation using Specification Matching and Priority Based M...Optimum Resource Allocation using Specification Matching and Priority Based M...
Optimum Resource Allocation using Specification Matching and Priority Based M...rahulmonikasharma
 
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...Nexgen Technology
 
Collaborative Maintenance of Semantic Networks - Present or Future?
Collaborative Maintenance of Semantic Networks - Present or Future?Collaborative Maintenance of Semantic Networks - Present or Future?
Collaborative Maintenance of Semantic Networks - Present or Future?Alexander Haffner
 
PRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETS
PRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETSPRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETS
PRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETSNexgen Technology
 
K nearest neighbor classification over semantically secure encrypted relation...
K nearest neighbor classification over semantically secure encrypted relation...K nearest neighbor classification over semantically secure encrypted relation...
K nearest neighbor classification over semantically secure encrypted relation...ieeepondy
 

What's hot (8)

How the Open Source model adapts to the cloud computing environment
How the Open Source model adapts to the cloud computing environmentHow the Open Source model adapts to the cloud computing environment
How the Open Source model adapts to the cloud computing environment
 
PhD Projects in DSP Research Guidance
PhD Projects in DSP Research GuidancePhD Projects in DSP Research Guidance
PhD Projects in DSP Research Guidance
 
23
2323
23
 
Optimum Resource Allocation using Specification Matching and Priority Based M...
Optimum Resource Allocation using Specification Matching and Priority Based M...Optimum Resource Allocation using Specification Matching and Priority Based M...
Optimum Resource Allocation using Specification Matching and Priority Based M...
 
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
 
Collaborative Maintenance of Semantic Networks - Present or Future?
Collaborative Maintenance of Semantic Networks - Present or Future?Collaborative Maintenance of Semantic Networks - Present or Future?
Collaborative Maintenance of Semantic Networks - Present or Future?
 
PRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETS
PRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETSPRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETS
PRIVATE OVER-THRESHOLD AGGREGATION PROTOCOLS OVER DISTRIBUTED DATASETS
 
K nearest neighbor classification over semantically secure encrypted relation...
K nearest neighbor classification over semantically secure encrypted relation...K nearest neighbor classification over semantically secure encrypted relation...
K nearest neighbor classification over semantically secure encrypted relation...
 

Similar to Cloud Security Patterns for Improving Privacy

PRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by DesignPRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by DesignPRISMACLOUD Project
 
Dagrep v006-i009-complete 2
Dagrep v006-i009-complete 2Dagrep v006-i009-complete 2
Dagrep v006-i009-complete 2sandeep1721
 
Dagrep v006-i009-complete
Dagrep v006-i009-completeDagrep v006-i009-complete
Dagrep v006-i009-completesandeep1721
 
Research proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comResearch proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comPhD Assistance
 
Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...
Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...
Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...IJERA Editor
 
WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...
WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...
WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...Nobukazu Yoshioka
 
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTIONSECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTIONacijjournal
 
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTIONSECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTIONacijjournal
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...Yiannis Verginadis
 
Threat Modeling of Cloud based Implementation of Homomorphic Encryption
Threat Modeling of Cloud based Implementation of Homomorphic EncryptionThreat Modeling of Cloud based Implementation of Homomorphic Encryption
Threat Modeling of Cloud based Implementation of Homomorphic Encryptionijcisjournal
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword EU Project
 
Andrei Patrascu support letter
Andrei Patrascu support letterAndrei Patrascu support letter
Andrei Patrascu support letterAndrei Patrascu
 
Making secret sharing based cloud storage usable
Making secret sharing based cloud storage usableMaking secret sharing based cloud storage usable
Making secret sharing based cloud storage usableYing wei (Joe) Chou
 
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionCloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionIJERA Editor
 
State of the Art in Cloud Security
State of the Art in Cloud SecurityState of the Art in Cloud Security
State of the Art in Cloud Securityijsrd.com
 
Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...PRISMACLOUD Project
 
Multi- Level Data Security Model for Big Data on Public Cloud: A New Model
Multi- Level Data Security Model for Big Data on Public Cloud: A New ModelMulti- Level Data Security Model for Big Data on Public Cloud: A New Model
Multi- Level Data Security Model for Big Data on Public Cloud: A New ModelEswar Publications
 
kuijper 201012 - iippsw-sra-xmas2010
kuijper 201012 - iippsw-sra-xmas2010kuijper 201012 - iippsw-sra-xmas2010
kuijper 201012 - iippsw-sra-xmas2010Michiel Kuijper
 
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...A Framework for Secure Computations with Two Non-Colluding Servers and Multip...
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...1crore projects
 
Paper id 27201448
Paper id 27201448Paper id 27201448
Paper id 27201448IJRAT
 

Similar to Cloud Security Patterns for Improving Privacy (20)

PRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by DesignPRISMACLOUD Cloud Security and Privacy by Design
PRISMACLOUD Cloud Security and Privacy by Design
 
Dagrep v006-i009-complete 2
Dagrep v006-i009-complete 2Dagrep v006-i009-complete 2
Dagrep v006-i009-complete 2
 
Dagrep v006-i009-complete
Dagrep v006-i009-completeDagrep v006-i009-complete
Dagrep v006-i009-complete
 
Research proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comResearch proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.com
 
Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...
Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...
Analysis of Homomorphic Technique and Secure Hash Technique for Multimedia Co...
 
WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...
WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...
WM2SP16 Keynote: Current and Future challenge of Model and Modelling on Secur...
 
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTIONSECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
 
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTIONSECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
SECURE OUTSOURCED CALCULATIONS WITH HOMOMORPHIC ENCRYPTION
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
 
Threat Modeling of Cloud based Implementation of Homomorphic Encryption
Threat Modeling of Cloud based Implementation of Homomorphic EncryptionThreat Modeling of Cloud based Implementation of Homomorphic Encryption
Threat Modeling of Cloud based Implementation of Homomorphic Encryption
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
 
Andrei Patrascu support letter
Andrei Patrascu support letterAndrei Patrascu support letter
Andrei Patrascu support letter
 
Making secret sharing based cloud storage usable
Making secret sharing based cloud storage usableMaking secret sharing based cloud storage usable
Making secret sharing based cloud storage usable
 
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionCloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
 
State of the Art in Cloud Security
State of the Art in Cloud SecurityState of the Art in Cloud Security
State of the Art in Cloud Security
 
Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...
 
Multi- Level Data Security Model for Big Data on Public Cloud: A New Model
Multi- Level Data Security Model for Big Data on Public Cloud: A New ModelMulti- Level Data Security Model for Big Data on Public Cloud: A New Model
Multi- Level Data Security Model for Big Data on Public Cloud: A New Model
 
kuijper 201012 - iippsw-sra-xmas2010
kuijper 201012 - iippsw-sra-xmas2010kuijper 201012 - iippsw-sra-xmas2010
kuijper 201012 - iippsw-sra-xmas2010
 
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...A Framework for Secure Computations with Two Non-Colluding Servers and Multip...
A Framework for Secure Computations with Two Non-Colluding Servers and Multip...
 
Paper id 27201448
Paper id 27201448Paper id 27201448
Paper id 27201448
 

Recently uploaded

VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service PuneVIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service PuneCall girls in Ahmedabad High profile
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Roomdivyansh0kumar0
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$kojalkojal131
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneRussian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneCall girls in Ahmedabad High profile
 

Recently uploaded (20)

VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service PuneVIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
 
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneRussian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
 

Cloud Security Patterns for Improving Privacy

  • 1. Selected Cloud Security Patterns For Improving End User Security and Privacy in Public Clouds Annual Privacy Forum 2016, Frankfurt/Main, 7. September 2016 Thomas L¨anger (A) thomas.laenger@unil.ch Henrich C. P¨ohls (B) hp@sec.uni-passau.de Solange Ghernaouti (A) sgh@unil.ch (A) Universit´e de Lausanne; (B) Universit¨at Passau Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 1 / 16
  • 2. Overview of the Talk Horizon 2020 Project PRISMACLOUD: Relation to current topical “cloud landscape” Project goals and Plans and strategies to reach them Design Patterns and Cloud Security Patterns: What they are How and for what we use patterns in the project Specific patterns corresponding to PRISMACLOUD functionalities Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 2 / 16
  • 3. Project PRISMACLOUD is part of HORIZON 2020 WORK PROGRAMME 2014–2015: Information and Communication Technologies Calls ICT 32 – 2014: Cybersecurity, Trustworthy ICT; Program Scope: Security-by-design for end-to-end security Cryptography Expected impact new design and implementation paradigms at marginal additional cost provide built-in privacy and security increase user trust and privacy protection; empower user control (and detection) provide more resilience for critical infrastructures Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 3 / 16
  • 4. Motivation / Intention Cryptography is not widely used in current cloud offerings Use cryptography to address and mitigate several of the most common security threats and privacy threats in current cloud offerings Use a security by design/privacy by design approach and build the cryptography into the heart of the services from the start Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 4 / 16
  • 5. Methodology Survey existing cryptographic primitives and protocols that can be applied in a cloud context—according to their Technology Readiness Level (TRL) Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 5 / 16
  • 6. Methodology Select primitives which can probably be advanced to TRL7 (i.e. “system prototype demo in operational environment”) during timeframe of the project; Provide an implementation, as a “kit of configurable tools”, completely encapsulating the cryptographic functions; Provide a reference implementations for sample cloud services using the tools; Validate (services and tools) in three real-world applications in the fields of Smart Cities, e-Health, and e-Government. Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 6 / 16
  • 7. PRISMACLOUD Architecture Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 7 / 16
  • 8. Zoom Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 8 / 16
  • 9. PRISMACLOUD Architecture structures and categorises technical outcomes, improves service development process, provides project context for r&d activities Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 9 / 16
  • 10. The Project also has a Development Methodology. . . “secure software development lifecycle” “derive requirements, translate requirements, and map to model” from top to bottom “proof security, deploy tool, and extract capabilities” from bottom to top Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 10 / 16
  • 11. Cloud Security Patterns Cloud security patterns are used for describing typical situations where information security and privacy problems occur—and which cryptographic functionalities can be applied to mitigate these problems. Cloud security patterns are an application of design patterns, which again describe re-usable, proven solutions (with the help of proposed “building blocks”) for recurring problems A design pattern is characterised according to categories, like, name of pattern, context, intention, problem, solution, consequences of their application. Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 11 / 16
  • 12. Cloud Security Patterns... ...are descriptive rather than normative communicate often conflicting security requirements of different involved parties make people aware of contradictory aspects support a discussion process describe generative solutions to common design contentions support a security by design approach Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 12 / 16
  • 13. “Re-using” Patterns in PRISMACLOUD 1. In the requirements work package (first project year) we established the first version of generic cloud security patterns: to describe situations where security and privacy problems generally occur we (approximately) intended to cover these situation with particular cryptographic technology 2. Later on, these patterns were used in support of the development of the PRISMACLOUD architecture (beginning project year 2). Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 13 / 16
  • 14. Use of Patterns in PRISMACLOUD II 3. Currently, we are modifying the design pattern technique itself—we want to abandon the commonly used generic nature of design patterns—and use them for explicitly specifying the capabilities of the proposed services and tools for end users. 4. We also intend to use the “new patterns” for specifying the setting of configuration parameters of the sample services for specific end user requirements (service level agreement–SLA). Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 14 / 16
  • 15. PRISMACLOUD Patterns - Synopsis Field 1: Data Storage in the Cloud P1: Secure cloud storage by default P2: Moving a legacy application’s database to the cloud Field 2: User Privacy Protection and Data Minimisation P3: Non-identifiable and untrackable use of a cloud service P4: Minimise exposure of private data during authenticat. in the cloud P5: Big data anonymisation Field 3: Authentication of Stored and Processed Data P6: Protect the authenticity of a data set and possible subsets P7: Authorise controlled subsequent modifications of signed data P8: Controlling the correctness of delegated computations P9: Controlling your virtual infrastructures Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 15 / 16
  • 16. For details on the patterns/secure cloud services/tools refer to: Publication (T. L¨anger et al.) in the APF2016 Proceedings “PRISMACLOUD Tools: A Cryptographic Toolbox for Increasing Security in Cloud Services” (Publication by Lor¨unser, Slamanig, L¨anger, P¨ohls; in: Proceedings of the ARES 2016 conf; to be published on IEEEXPLORE Sept. 2016 please email me – I’ll send you a preprint copy! Project deliverables and pubs on https://prismacloud.eu Thanks for your Attention! thomas.laenger@unil.ch Th. L¨anger, H.C. P¨ohls, S. Ghernaouti Annual Privacy Forum 2016 16 / 16