Article

Confidentiality as a Service -- Usable Security for the Cloud

Authors:

Sascha Fahl,

Marian Harbach,

Thomas Muders,

Matthew SmithAuthors Info & Claims

TRUSTCOM '12: Proceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications

Pages 153 - 162

https://doi.org/10.1109/TrustCom.2012.112

Published: 25 June 2012 Publication History

Abstract

There is an increasing number of easy-to-use cloud services to store and share information with others. Facebook, Dropbox, iCloud, Googlemail, Amazon S3, Windows SkyDrive and similar services encourage users to entrust the companies' servers with a large variety of information: from their holiday pictures to corporate documents. However, both private and corporate users commonly fail to take account of possible privacy consequences. Even though there are approaches to provide confidentiality for the users' data in the cloud, these are not widely adopted due to both awareness and usability issues. Therefore, we propose the novel Confidentiality as a Service (CaaS) paradigm to provide usable confidentiality and integrity for the bulk of users, for whom the current security mechanisms are too complex or require too much effort. The CaaS paradigm combines data security with usability by design and integrates effortlessly into available cloud service applications and workflows. We leverage the splitting of trust between the cloud service provider and one or more CaaS providers to improve usability. CaaS focuses on unobtrusive confidentiality by hiding all cryptographic artefacts from the prevalently non-technical users. Data protection is based on symmetric encryption and invisible key-management mechanisms. We present an integration for multiple popular cloud services to demonstrate the seamless applicability of CaaS.

Cited By

View all

Yadav THales JSeamons KYin HStavrou ACremers CShi E(2022)PosterProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security10.1145/3548606.3563541(3499-3501)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3548606.3563541
Tachikawa AKanaoka A(2020)Private Cloud Storage: Client-Side Encryption and Usable Secure Utility FunctionsHCI for Cybersecurity, Privacy and Trust10.1007/978-3-030-50309-3_44(652-670)Online publication date: 19-Jul-2020
https://dl.acm.org/doi/10.1007/978-3-030-50309-3_44
(2018)Trust modelling for opportunistic cloud servicesInternational Journal of Grid and Utility Computing10.5555/3292801.32928029:4(289-306)Online publication date: 1-Jan-2018
https://dl.acm.org/doi/10.5555/3292801.3292802
Show More Cited By

Index Terms

Confidentiality as a Service -- Usable Security for the Cloud
1. Security and privacy

Index terms have been assigned to the content through auto-classification.

Recommendations

Cloud service engineering
ICSE '10: Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2

Building on compute and storage virtualization, Cloud Computing provides scalable, network-centric, abstracted IT infrastructure, platforms, and applications as on-demand services that are billed by consumption. Cloud Service Engineering is the ...
Cloud Computing Security: Amazon Web Service
ACCT '15: Proceedings of the 2015 Fifth International Conference on Advanced Computing & Communication Technologies

Cloud Computing is a recently emerged model which is becoming popular among almost all enterprises. It involves the concept of on demand services which means using the cloud resources on demand and we can scale the resources as per demand. Cloud ...
Cloud computing security: challenges and future trends

Cloud computing is one of the most trendy terminologies. Cloud providers aim to satisfy clients' requirements for computing resources such as services, applications, networks, storage and servers. They offer the possibility of leasing these resources ...

Comments

Information & Contributors

Information

Published In

TRUSTCOM '12: Proceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications

June 2012

2049 pages

ISBN:9780769547459

Publisher

IEEE Computer Society

United States

Publication History

Published: 25 June 2012

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 15 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Yadav THales JSeamons KYin HStavrou ACremers CShi E(2022)PosterProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security10.1145/3548606.3563541(3499-3501)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3548606.3563541
Tachikawa AKanaoka A(2020)Private Cloud Storage: Client-Side Encryption and Usable Secure Utility FunctionsHCI for Cybersecurity, Privacy and Trust10.1007/978-3-030-50309-3_44(652-670)Online publication date: 19-Jul-2020
https://dl.acm.org/doi/10.1007/978-3-030-50309-3_44
(2018)Trust modelling for opportunistic cloud servicesInternational Journal of Grid and Utility Computing10.5555/3292801.32928029:4(289-306)Online publication date: 1-Jan-2018
https://dl.acm.org/doi/10.5555/3292801.3292802
Ruoti SAndersen JMonson TZappala DSeamons K(2018)A comparative usability study of key management in secure emailProceedings of the Fourteenth USENIX Conference on Usable Privacy and Security10.5555/3291228.3291258(375-394)Online publication date: 12-Aug-2018
https://dl.acm.org/doi/10.5555/3291228.3291258
Bai WKim DNamara MQian YKelley PMazurek M(2016)An inconvenient trustProceedings of the Twelfth USENIX Conference on Usable Privacy and Security10.5555/3235895.3235906(113-130)Online publication date: 22-Jun-2016
https://dl.acm.org/doi/10.5555/3235895.3235906
Sharma S(2016)Expanded cloud plumes hiding Big Data ecosystemFuture Generation Computer Systems10.1016/j.future.2016.01.00359:C(63-92)Online publication date: 1-Jun-2016
https://dl.acm.org/doi/10.1016/j.future.2016.01.003
Deguchi MKita KToyama MAnderst-Kotsis GIndrawan-Santiago M(2015)Web-based mailing list administration on RMXProceedings of the 17th International Conference on Information Integration and Web-based Applications & Services10.1145/2837185.2837204(1-8)Online publication date: 11-Dec-2015
https://dl.acm.org/doi/10.1145/2837185.2837204
Deguchi MKita KToyama MDesai BToyama M(2015)Web-based Intuitive Management of RMXProceedings of the 19th International Database Engineering & Applications Symposium10.1145/2790755.2790796(216-217)Online publication date: 13-Jul-2015
https://dl.acm.org/doi/10.1145/2790755.2790796
Kurek TLason ANiemiec M(2015)First step towards preserving the privacy of cloud-based IDS security policiesSecurity and Communication Networks10.1002/sec.12728:18(3481-3491)Online publication date: 1-Dec-2015
https://dl.acm.org/doi/10.1002/sec.1272
He WAkhawe DJain SShi ESong DAhn GYung MLi N(2014)ShadowCryptProceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security10.1145/2660267.2660326(1028-1039)Online publication date: 3-Nov-2014
https://dl.acm.org/doi/10.1145/2660267.2660326
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Index Terms

Recommendations

Cloud service engineering

Cloud Computing Security: Amazon Web Service

Cloud computing security: challenges and future trends

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations