20 20

Transactions on
Data Privacy
Foundations and Technologies

http://www.tdp.cat


Articles in Press

Accepted articles here

Latest Issues

Year 2017

Volume 10 Issue 2
Volume 10 Issue 1

Year 2016

Volume 9 Issue 3
Volume 9 Issue 2
Volume 9 Issue 1

Year 2015

Volume 8 Issue 3
Volume 8 Issue 2
Volume 8 Issue 1

Year 2014

Volume 7 Issue 3
Volume 7 Issue 2
Volume 7 Issue 1

Year 2013

Volume 6 Issue 3
Volume 6 Issue 2
Volume 6 Issue 1

Year 2012

Volume 5 Issue 3
Volume 5 Issue 2
Volume 5 Issue 1

Year 2011

Volume 4 Issue 3
Volume 4 Issue 2
Volume 4 Issue 1

Year 2010

Volume 3 Issue 3
Volume 3 Issue 2
Volume 3 Issue 1

Year 2009

Volume 2 Issue 3
Volume 2 Issue 2
Volume 2 Issue 1

Year 2008

Volume 1 Issue 3
Volume 1 Issue 2
Volume 1 Issue 1


Volume 8 Issue 2


On the Feasibility of (Practical) Commercial Anonymous Cloud Storage

Tobias Pulls(a),(*), Daniel Slamanig(b)

Transactions on Data Privacy 8:2 (2015) 89 - 111

Abstract, PDF

(a) Department of Mathematics and Computer Science, Karlstad University, Karlstad, Sweden.

(b) Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology (TUG), Inffeldgasse 16a, 8010 Graz, Austria.

e-mail:tobias.pulls @kau.se; daniel.slamanig @tugraz.at


Abstract

Current de facto standard payment and billing models for commercial cloud storage services provide a plethora of information to the cloud provider about its clients. This leads to a hostile environment when seen from a privacy perspective. Motivated by recently leaked facts about large scale governmental surveillance efforts as well as the lack of privacy-preserving measures in existing commercial cloud storage services, in this paper, we investigate the feasibility of so called anonymous cloud storage services which require user payment (which we call commercial anonymous cloud storage). Anonymity in this context can be seen as the absence of information to uniquely identify a provider's client that is storing and manipulating data at the provider while at the same time still allowing fair billing, for both, the clients and the cloud provider.

Although encrypting data prior to outsourcing helps to protect data privacy and can be achieved without the cloud provider's consent, the issues we are interested in, do not seem to be achievable that easily. However, while various measures for the latter issue, i.e., realizing access privacy, have been studied in the past, the role of privacy in context of billing and payment for cloud storage has, until now, remained unexplored. We therefore introduce an abstract model for commercial cloud storage services to define various types of anonymous cloud storage, study several payment and billing models for cloud storage services and their impact on the anonymity of the service's clients. Moreover, we discuss several solutions to provide anonymity within the different models.

Our findings highlight the importance of anonymous payment for the practical deployment of commercial privacy-friendly cloud storage services. Furthermore, we provide directions for future work in some settings, i.e., when anonymous payment is not available, as interesting open challenges.

* Corresponding author.

Follow us




Supports










ISSN: 1888-5063; ISSN (Digital): 2013-1631; D.L.:B-11873-2008; Web Site: http://www.tdp.cat/
Contact: Transactions on Data Privacy; Vicenç Torra; U. of Skövde; PO Box 408; 54128 Skövde; (Sweden); e-mail:tdp@tdp.cat

 


Vicenç Torra, Last modified: 10 : 27 June 27 2015.