20 20

Transactions on
Data Privacy
Foundations and Technologies


Articles in Press

Accepted articles here

Latest Issues

Year 2023

Volume 16 Issue 3
Volume 16 Issue 2
Volume 16 Issue 1

Year 2022

Volume 15 Issue 3
Volume 15 Issue 2
Volume 15 Issue 1

Year 2021

Volume 14 Issue 3
Volume 14 Issue 2
Volume 14 Issue 1

Year 2020

Volume 13 Issue 3
Volume 13 Issue 2
Volume 13 Issue 1

Year 2019

Volume 12 Issue 3
Volume 12 Issue 2
Volume 12 Issue 1

Year 2018

Volume 11 Issue 3
Volume 11 Issue 2
Volume 11 Issue 1

Year 2017

Volume 10 Issue 3
Volume 10 Issue 2
Volume 10 Issue 1

Year 2016

Volume 9 Issue 3
Volume 9 Issue 2
Volume 9 Issue 1

Year 2015

Volume 8 Issue 3
Volume 8 Issue 2
Volume 8 Issue 1

Year 2014

Volume 7 Issue 3
Volume 7 Issue 2
Volume 7 Issue 1

Year 2013

Volume 6 Issue 3
Volume 6 Issue 2
Volume 6 Issue 1

Year 2012

Volume 5 Issue 3
Volume 5 Issue 2
Volume 5 Issue 1

Year 2011

Volume 4 Issue 3
Volume 4 Issue 2
Volume 4 Issue 1

Year 2010

Volume 3 Issue 3
Volume 3 Issue 2
Volume 3 Issue 1

Year 2009

Volume 2 Issue 3
Volume 2 Issue 2
Volume 2 Issue 1

Year 2008

Volume 1 Issue 3
Volume 1 Issue 2
Volume 1 Issue 1

Volume 8 Issue 2

On the Feasibility of (Practical) Commercial Anonymous Cloud Storage

Tobias Pulls(a),(*), Daniel Slamanig(b)

Transactions on Data Privacy 8:2 (2015) 89 - 111

Abstract, PDF

(a) Department of Mathematics and Computer Science, Karlstad University, Karlstad, Sweden.

(b) Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology (TUG), Inffeldgasse 16a, 8010 Graz, Austria.

e-mail:tobias.pulls @kau.se; daniel.slamanig @tugraz.at


Current de facto standard payment and billing models for commercial cloud storage services provide a plethora of information to the cloud provider about its clients. This leads to a hostile environment when seen from a privacy perspective. Motivated by recently leaked facts about large scale governmental surveillance efforts as well as the lack of privacy-preserving measures in existing commercial cloud storage services, in this paper, we investigate the feasibility of so called anonymous cloud storage services which require user payment (which we call commercial anonymous cloud storage). Anonymity in this context can be seen as the absence of information to uniquely identify a provider's client that is storing and manipulating data at the provider while at the same time still allowing fair billing, for both, the clients and the cloud provider.

Although encrypting data prior to outsourcing helps to protect data privacy and can be achieved without the cloud provider's consent, the issues we are interested in, do not seem to be achievable that easily. However, while various measures for the latter issue, i.e., realizing access privacy, have been studied in the past, the role of privacy in context of billing and payment for cloud storage has, until now, remained unexplored. We therefore introduce an abstract model for commercial cloud storage services to define various types of anonymous cloud storage, study several payment and billing models for cloud storage services and their impact on the anonymity of the service's clients. Moreover, we discuss several solutions to provide anonymity within the different models.

Our findings highlight the importance of anonymous payment for the practical deployment of commercial privacy-friendly cloud storage services. Furthermore, we provide directions for future work in some settings, i.e., when anonymous payment is not available, as interesting open challenges.

* Corresponding author.

Follow us


ISSN: 1888-5063; ISSN (Digital): 2013-1631; D.L.:B-11873-2008; Web Site: http://www.tdp.cat/
Contact: Transactions on Data Privacy; Vicenç Torra; U. of Skövde; PO Box 408; 54128 Skövde; (Sweden); e-mail:tdp@tdp.cat
Note: TDP's web site does not use cookies. TDP does not keep information neither on IP addresses nor browsers. For the privacy policy access here.


Vicenç Torra, Last modified: 10 : 27 June 27 2015.