Locking down the cloud

Nov 08, 2013

A software re-encryption system could allow users to pay for and run applications "in the cloud" without revealing their identity to the cloud host. The same approach would also allow the software providers to lock out malicious users.

Writing in the International Journal of Grid and Utility Computing, Ronald Petrlic, Stephan Sekula and Christoph Sorge of the University of Paderborn, Germany, explain how the emergence of cloud computing has allowed end users access to powerful computer resources hosted at remote locations via the internet. Such services include simple applications such as web-based email and file storage as well as more sophisticated social networking and multimedia communication tools, website hosting systems, file editing and manipulation and many other applications.

However, with ease of access, comes the issue of privacy. To utilize proprietary cloud services users must provide personal details or otherwise tie their identity to the (DRM) system or the license built into the software. Inherent in this approach to access is the problem that the cloud provider may not be the licensing body for the software itself and so a third party will often require access to the user's credentials too, which gives rise to privacy issues. Moreover, there is no reason why a legitimate user of the software need give their identity to the software provider either, as long as they have fulfilled their commitments - financial or otherwise - to obtaining a license to use the software.

Petrlic and colleagues have developed what they call "a privacy-friendly architecture" for future cloud computing systems where software licensing and software payment is required. The utility of their approach will be immediately apparent once cloud abandon so-called freemium and advertising-driven business models and simply start charging users to use the applications they develop. In this system, users authorise a - the cloud host - to buy a certain piece of software from a software provider. However, the service provider does not learn what software is bought, as the software provider sends an encrypted version of the application together with the corresponding licence to the cloud host. Each time the user wants to use the software on their cloud host, the program execution is initialized at a computing centre of their choosing anonymously.

By implementing such a system, the cloud host is remunerated for the hosting services and the encryption facilities, they provide, the software company gets its license fee, and the user gets to use the software they paid for "in the cloud" without the cloud host being able to identify them or even knowing what software is being used.

"Privacy protection will become more important in the cloud computing scenarios of the future," the team says, equally, "Proper payment concepts are crucial for providers to take part in future ."

Explore further: SAP co-CEO: Cloud computing growing strongly (Update)

More information: "A privacy-friendly architecture for future cloud computing" in Int. J. Grid and Utility Computing, 2013, 4, 265-277

add to favorites email to friend print save as pdf

Related Stories

The cloud within us

Mar 27, 2013

The first tentative steps towards a peer-to-peer approach to cloud computing that enables users and removes the risks and costs of relying on industry giants to offer services are being taken by an international team of researchers.

SAP profits up 23 percent as cloud computing grows

Oct 21, 2013

Business management software company SAP AG says net profit rose 23 percent in the third quarter as its cloud computing business grew rapidly and the company kept down costs by holding down hiring of new employees.

Oracle buys 'cloud' service firm RightNow

Oct 24, 2011

Enterprise software giant Oracle said Monday it had struck a deal to buy RightNow Technologies, which helps companies manage their cloud computing activities, for $1.5 billion.

Recommended for you

Alibaba makes Wall Street debut

Sep 19, 2014

Alibaba made its long-awaited Wall Street debut Friday on the heels of a record stock offering that opens the door to global expansion for the Chinese online retail giant.

Alibaba IPO to boost employee fortunes to $8 bn

Sep 19, 2014

Employees of Chinese e-commerce giant Alibaba will see their fortunes swell to nearly $8 billion as the company prepares a massive US stock offering that could be valued at $25 billion.

Alibaba mega IPO caps founder Jack Ma success tale

Sep 19, 2014

When Jack Ma founded Alibaba 15 years ago he insisted the e-commerce venture should see itself as competing against Silicon Valley, not other Chinese companies. That bold ambition from a time when China was ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

YottabyteDuane
not rated yet Nov 11, 2013
Privacy is THE issue. Its amazing to me how people, knowingly and unknowingly, put their information out there for all to consume. Data...controlled, managed, encrypted...always. Yet another proof-point for the hybrid-cloud architecture.