Locking down the cloud

Nov 08, 2013

A software re-encryption system could allow users to pay for and run applications "in the cloud" without revealing their identity to the cloud host. The same approach would also allow the software providers to lock out malicious users.

Writing in the International Journal of Grid and Utility Computing, Ronald Petrlic, Stephan Sekula and Christoph Sorge of the University of Paderborn, Germany, explain how the emergence of cloud computing has allowed end users access to powerful computer resources hosted at remote locations via the internet. Such services include simple applications such as web-based email and file storage as well as more sophisticated social networking and multimedia communication tools, website hosting systems, file editing and manipulation and many other applications.

However, with ease of access, comes the issue of privacy. To utilize proprietary cloud services users must provide personal details or otherwise tie their identity to the (DRM) system or the license built into the software. Inherent in this approach to access is the problem that the cloud provider may not be the licensing body for the software itself and so a third party will often require access to the user's credentials too, which gives rise to privacy issues. Moreover, there is no reason why a legitimate user of the software need give their identity to the software provider either, as long as they have fulfilled their commitments - financial or otherwise - to obtaining a license to use the software.

Petrlic and colleagues have developed what they call "a privacy-friendly architecture" for future cloud computing systems where software licensing and software payment is required. The utility of their approach will be immediately apparent once cloud abandon so-called freemium and advertising-driven business models and simply start charging users to use the applications they develop. In this system, users authorise a - the cloud host - to buy a certain piece of software from a software provider. However, the service provider does not learn what software is bought, as the software provider sends an encrypted version of the application together with the corresponding licence to the cloud host. Each time the user wants to use the software on their cloud host, the program execution is initialized at a computing centre of their choosing anonymously.

By implementing such a system, the cloud host is remunerated for the hosting services and the encryption facilities, they provide, the software company gets its license fee, and the user gets to use the software they paid for "in the cloud" without the cloud host being able to identify them or even knowing what software is being used.

"Privacy protection will become more important in the cloud computing scenarios of the future," the team says, equally, "Proper payment concepts are crucial for providers to take part in future ."

Explore further: SAP co-CEO: Cloud computing growing strongly (Update)

More information: "A privacy-friendly architecture for future cloud computing" in Int. J. Grid and Utility Computing, 2013, 4, 265-277

add to favorites email to friend print save as pdf

Related Stories

The cloud within us

Mar 27, 2013

The first tentative steps towards a peer-to-peer approach to cloud computing that enables users and removes the risks and costs of relying on industry giants to offer services are being taken by an international team of researchers.

SAP profits up 23 percent as cloud computing grows

Oct 21, 2013

Business management software company SAP AG says net profit rose 23 percent in the third quarter as its cloud computing business grew rapidly and the company kept down costs by holding down hiring of new employees.

Oracle buys 'cloud' service firm RightNow

Oct 24, 2011

Enterprise software giant Oracle said Monday it had struck a deal to buy RightNow Technologies, which helps companies manage their cloud computing activities, for $1.5 billion.

Recommended for you

Sony surprises with first quarter profit

43 minutes ago

(AP)—Sony Corp. reported a surprise eightfold jump in quarterly profit Thursday as sales got a perk from a cheap yen and its bottom line was helped by gains from selling buildings and its stake in a video-game maker.

Samsung profit falls as smartphone sales slow

57 minutes ago

(AP)—Samsung Electronics Co. reported a bigger-than-expected fall in second quarter profit on Thursday and said it was uncertain if earnings from its handset business would improve in the current quarter.

Why let your sales force influence product prices?

20 hours ago

From the outside, you might not notice the ongoing tension within many large businesses: the battle between salespeople, on the one hand, and marketers and product managers, on the other. Because the salespeople ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

YottabyteDuane
not rated yet Nov 11, 2013
Privacy is THE issue. Its amazing to me how people, knowingly and unknowingly, put their information out there for all to consume. Data...controlled, managed, encrypted...always. Yet another proof-point for the hybrid-cloud architecture.