Locking down the cloud

Nov 08, 2013

A software re-encryption system could allow users to pay for and run applications "in the cloud" without revealing their identity to the cloud host. The same approach would also allow the software providers to lock out malicious users.

Writing in the International Journal of Grid and Utility Computing, Ronald Petrlic, Stephan Sekula and Christoph Sorge of the University of Paderborn, Germany, explain how the emergence of cloud computing has allowed end users access to powerful computer resources hosted at remote locations via the internet. Such services include simple applications such as web-based email and file storage as well as more sophisticated social networking and multimedia communication tools, website hosting systems, file editing and manipulation and many other applications.

However, with ease of access, comes the issue of privacy. To utilize proprietary cloud services users must provide personal details or otherwise tie their identity to the (DRM) system or the license built into the software. Inherent in this approach to access is the problem that the cloud provider may not be the licensing body for the software itself and so a third party will often require access to the user's credentials too, which gives rise to privacy issues. Moreover, there is no reason why a legitimate user of the software need give their identity to the software provider either, as long as they have fulfilled their commitments - financial or otherwise - to obtaining a license to use the software.

Petrlic and colleagues have developed what they call "a privacy-friendly architecture" for future cloud computing systems where software licensing and software payment is required. The utility of their approach will be immediately apparent once cloud abandon so-called freemium and advertising-driven business models and simply start charging users to use the applications they develop. In this system, users authorise a - the cloud host - to buy a certain piece of software from a software provider. However, the service provider does not learn what software is bought, as the software provider sends an encrypted version of the application together with the corresponding licence to the cloud host. Each time the user wants to use the software on their cloud host, the program execution is initialized at a computing centre of their choosing anonymously.

By implementing such a system, the cloud host is remunerated for the hosting services and the encryption facilities, they provide, the software company gets its license fee, and the user gets to use the software they paid for "in the cloud" without the cloud host being able to identify them or even knowing what software is being used.

"Privacy protection will become more important in the cloud computing scenarios of the future," the team says, equally, "Proper payment concepts are crucial for providers to take part in future ."

Explore further: Sony's PlayStation 'gradually coming back'

More information: "A privacy-friendly architecture for future cloud computing" in Int. J. Grid and Utility Computing, 2013, 4, 265-277

add to favorites email to friend print save as pdf

Related Stories

The cloud within us

Mar 27, 2013

The first tentative steps towards a peer-to-peer approach to cloud computing that enables users and removes the risks and costs of relying on industry giants to offer services are being taken by an international team of researchers.

SAP profits up 23 percent as cloud computing grows

Oct 21, 2013

Business management software company SAP AG says net profit rose 23 percent in the third quarter as its cloud computing business grew rapidly and the company kept down costs by holding down hiring of new employees.

Oracle buys 'cloud' service firm RightNow

Oct 24, 2011

Enterprise software giant Oracle said Monday it had struck a deal to buy RightNow Technologies, which helps companies manage their cloud computing activities, for $1.5 billion.

Recommended for you

Sony's PlayStation 'gradually coming back'

13 hours ago

Sony was still struggling Saturday to fully restore its online PlayStation system, three days after the Christmas day hack that also hit Microsoft's Xbox, reporting that services were "gradually coming back."

Uber broke Indian financial rules: central bank chief

13 hours ago

India's central bank chief lashed out at Uber, already under fire over the alleged rape of a passenger, saying the US taxi-hailing firm violated the country's financial regulations by using an overseas payment ...

Taxi app Uber defies ban in Spain

Dec 26, 2014

Smartphone car-ride service Uber vowed Friday to keep operating in Spain despite a ban following a lawsuit by taxi drivers and said it would fight the case in court.

Sony film mess reflects gadgets-entertainment gap

Dec 26, 2014

Sony's iconic gadgetry and the star appeal of Hollywood may have appeared to be a perfect match when the electronics giant bought Columbia Pictures in 1989. A quarter century later, it's apparent that Sony ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

YottabyteDuane
not rated yet Nov 11, 2013
Privacy is THE issue. Its amazing to me how people, knowingly and unknowingly, put their information out there for all to consume. Data...controlled, managed, encrypted...always. Yet another proof-point for the hybrid-cloud architecture.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.