On the Feasibility of (Practical) Commercial Anonymous Cloud Storage
Tobias Pulls(a),(*), Daniel Slamanig(b)
Transactions on Data Privacy 8:2 (2015) 89 - 111
(a) Department of Mathematics and Computer Science, Karlstad University, Karlstad, Sweden.
Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology (TUG),
Inffeldgasse 16a, 8010 Graz, Austria.
e-mail:tobias.pulls @kau.se; daniel.slamanig @tugraz.at
Current de facto standard payment and billing models for commercial cloud storage services provide a plethora of information to the cloud provider about its clients. This leads to a hostile environment when seen from a privacy perspective. Motivated by recently leaked facts about large scale governmental surveillance efforts as well as the lack of privacy-preserving measures in existing commercial cloud storage services, in this paper, we investigate the feasibility of so called anonymous cloud storage services which require user payment (which we call commercial anonymous cloud storage). Anonymity in this context can be seen as the absence of information to uniquely identify a provider's client that is storing and manipulating data at the provider while at the same time still allowing fair billing, for both, the clients and the cloud provider.
Although encrypting data prior to outsourcing helps to protect data privacy and can be achieved without the cloud provider's consent, the issues we are interested in, do not seem to be achievable that easily. However, while various measures for the latter issue, i.e., realizing access privacy, have been studied in the past, the role of privacy in context of billing and payment for cloud storage has, until now, remained unexplored. We therefore introduce an abstract model for commercial cloud storage services to define various types of anonymous cloud storage, study several payment and billing models for cloud storage services and their impact on the anonymity of the service's clients. Moreover, we discuss several solutions to provide anonymity within the different models.
Our findings highlight the importance of anonymous payment for the practical deployment of commercial privacy-friendly cloud storage services. Furthermore, we provide directions for future work in some settings, i.e., when anonymous payment is not available, as interesting open challenges.