Towards a Framework for Privacy-Preserving Data Sharing in Portable Clouds

  • Clemens ZeidlerEmail author
  • Muhammad Rizwan Asghar
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 740)


Cloud storage is a cheap and reliable solution for users to share data with their contacts. However, the lack of standardisation and migration tools makes it difficult for users to migrate to another Cloud Service Provider (CSP) without losing contacts, thus resulting in a vendor lock-in problem. In this work, we aim at providing a generic framework, named PortableCloud, that is flexible enough to enable users to migrate seamlessly to a different CSP keeping all their data and contacts. To preserve the privacy of users, the data in the portable cloud is concealed from the CSP by employing encryption techniques. Moreover, we introduce a migration agent that assists users in automatically finding a suitable CSP that can satisfy their needs.


Portable cloud Privacy Data sharing Data migration Migration costs Migration agent 


  1. 1.
    Capitani, D., di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Pelosi, G., Samarati, P.: Preserving confidentiality of security policies in data outsourcing. In: WPES 2008, pp. 75–84 (2008)Google Scholar
  2. 2.
    Joint, A., Baker, E., Eccles, E.: Hey, you, get off of that cloud? Comput. Law Secur. Rev. 25, 270–274 (2009)CrossRefGoogle Scholar
  3. 3.
    Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., Zaharia, M.: A view of cloud computing. Commun. ACM 53, 50–58 (2010)CrossRefGoogle Scholar
  4. 4.
    De Chaves, S., Uriarte, R., Westphall, C.: Toward an architecture for monitoring private clouds. Commun. Mag. 49, 130–137 (2011). IEEECrossRefGoogle Scholar
  5. 5.
    Satzger, B., Hummer, W., Inzinger, C., Leitner, P., Dustdar, S.: Winds of change: from vendor lock-in to the meta cloud. IEEE Internet Comput. 17, 69–73 (2013)CrossRefGoogle Scholar
  6. 6.
    Hacigümüş, H., Iyer, B., Mehrotra, S.: Ensuring the integrity of encrypted databases in the database-as-a-service model. In: Data and Applications Security XVII, vol. 142, pp. 61–74 (2004)Google Scholar
  7. 7.
    Asghar, M.R., Ion, M., Russello, G., Crispo, B.: Securing data provenance in the cloud. In: Open Problems in Network Security. LNCS, vol. 7039, pp. 145–160 (2012)Google Scholar
  8. 8.
    Asghar, M.R., Russello, G., Crispo, B., Ion, M.: Supporting complex queries and access policies for multi-user encrypted databases. In: CCSW 2013, pp. 77–88 (2013)Google Scholar
  9. 9.
    Ferretti, L., Colajanni, M., Marchetti, M.: Distributed, concurrent, and independent access to encrypted cloud databases. Parallel Distrib. Syst. 25, 437–446 (2014)CrossRefGoogle Scholar
  10. 10.
    Josefsson, S.: PKCS#5: password-based key derivation function 2 (PBKDF2) test vectors. Technical report (2011)Google Scholar
  11. 11.
    Asghar, M.R.: Privacy Preserving Enforcement of Sensitive Policies in Outsourced and Distributed Environments. Ph.D. thesis, University of Trento (2013)Google Scholar
  12. 12.
    Garfinkel, S.: PGP: pretty good privacy (1995)Google Scholar
  13. 13.
    Burr, W.E., Nazario, N.A., Polk, W.T.: A proposed federal PKI using X.509 v3 certificates. NIST (1996)Google Scholar
  14. 14.
    Sandhu, R., Samarati, P.: Access control: principle and practice. Commun. Mag. 32, 40–48 (1994). IEEECrossRefGoogle Scholar
  15. 15.
    Zhao, G., Rong, C., Li, J., Zhang, F., Tang, Y.: Trusted data sharing over untrusted cloud storage providers. In: Cloud Computing Technology and Science (CloudCom), pp. 97–103 (2010)Google Scholar
  16. 16.
    Ward, C., Aravamudan, N., Bhattacharya, K., Cheng, K., Filepp, R., Kearney, R., Peterson, B., Shwartz, L., Young, C.: Workload migration into clouds challenges, experiences, opportunities. In: Cloud Computing (CLOUD), pp. 164–171 (2010)Google Scholar
  17. 17.
    Khajeh-Hosseini, A., Sommerville, I., Bogaerts, J., Teregowda, P.: Decision support tools for cloud migration in the enterprise. In: Cloud Computing (CLOUD), pp. 541–548 (2011)Google Scholar
  18. 18.
    Stefanov, E., van Dijk, M., Shi, E., Fletcher, C., Ren, L., Yu, X., Devadas, S.: Path ORAM: an extremely simple oblivious ram protocol. In: CCS 2013, pp. 299–310 (2013)Google Scholar
  19. 19.
    Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM 43, 431–473 (1996)MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Gong, X., Kiyavash, N., Borisov, N.: Fingerprinting websites using remote traffic analysis. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, pp. 684–686 (2010)Google Scholar
  21. 21.
    Cabrera, L.F., Jones, M.B., Theimer, M.: Herald: achieving a global event notification service. In: 2001 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems, pp. 87–92. IEEE (2001)Google Scholar
  22. 22.
    Cooper, B.F., Ramakrishnan, R., Srivastava, U., Silberstein, A., Bohannon, P., Jacobsen, H.A., Puz, N., Weaver, D., Yerneni, R.: Pnuts: Yahoo!’s hosted data serving platform. Proc. VLDB Endow. 1, 1277–1288 (2008)CrossRefGoogle Scholar
  23. 23.
    Pal, P., Lauer, G., Khoury, J., Hoff, N., Loyall, J.: P3S: a privacy preserving publish-subscribe middleware. In: Narasimhan, P., Triantafillou, P. (eds.) Middleware 2012. LNCS, vol. 7662, pp. 476–495. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-35170-9_24 CrossRefGoogle Scholar
  24. 24.
    Zhao, J.F., Zhou, J.T.: Strategies and methods for cloud migration. Int. J. Autom. Comput. 11, 143–152 (2014)CrossRefGoogle Scholar
  25. 25.
    Menzel, M., Ranjan, R.: CloudGenius: decision support for web server cloud migration. In: WWW 2012, pp. 979–988 (2012)Google Scholar
  26. 26.
    Ng, W.S., Ooi, B.C., Tan, K.L., Zhou, A.: PeerDB: a P2P-based system for distributed data sharing. In: Data Engineering, pp. 633–644 (2003)Google Scholar
  27. 27.
    Takabi, H., Joshi, J.B., Ahn, G.J.: Security and privacy challenges in cloud computing environments. Secur. Priv. 8, 24–31 (2010)CrossRefGoogle Scholar
  28. 28.
    Khan, S., Hamlen, K.: Anonymouscloud: a data ownership privacy provider framework in cloud computing. In: Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 170–176 (2012)Google Scholar
  29. 29.
    Zarandioon, S., Yao, D., Ganapathy, V.: K2C: cryptographic cloud storage with lazy revocation and anonymous access. In: Security and Privacy in Communication Networks, vol. 96, pp. 59–76 (2012)Google Scholar
  30. 30.
    Bessani, A., Correia, M., Quaresma, B., André, F., Sousa, P.: Depsky: Dependable and Secure Storage in a Cloud-of-clouds. In: EuroSys 2011, pp. 31–46 (2011)Google Scholar
  31. 31.
    Butoi, A., Tomai, N.: Secret sharing scheme for data confidentiality preserving in a public-private hybrid cloud storage approach. In: UCC 2014, pp. 992–997 (2014)Google Scholar
  32. 32.
    Liu, X., Zhang, Y., Wang, B., Yan, J.: Mona: secure multi-owner data sharing for dynamic groups in the cloud. Parallel Distrib. Syst. 24, 1182–1191 (2013)CrossRefGoogle Scholar
  33. 33.
    Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29, 38–47 (1996)CrossRefGoogle Scholar
  34. 34.
    Wang, G., Liu, Q., Wu, J., Guo, M.: Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers. Comput. Secur. 30, 320–331 (2011)CrossRefGoogle Scholar
  35. 35.
    Farb, M., Lin, Y.H., Kim, T.H.J., McCune, J., Perrig, A.: Safeslinger: Easy-to-use and secure public-key exchange. In: MobiCom 2013, pp. 417–428 (2013)Google Scholar
  36. 36.
    Asghar, M.R., Ion, M., Russello, G., Crispo, B.: ESPOON: enforcing encrypted security policies in outsourced environments. In: The Sixth International Conference on Availability, Reliability and Security, pp. 99–108. IEEE Computer Society (2011)Google Scholar
  37. 37.
    Asghar, M.R., Russello, G., Crispo, B.: E-GRANT: enforcing encrypted dynamic security constraints in the cloud. In: Future Internet of Things and Cloud (FiCloud), pp. 135–144 (2015). Special Track on Security, Privacy and TrustGoogle Scholar
  38. 38.
    Muhammad, R.A., Mihaela, I., Giovanni, R., Bruno, C.: ESPOON\(_{ERBAC}\): enforcing security policies in outsourced environments. Comput. Secur. (COSE) 35, 2–24 (2013). ElsevierCrossRefGoogle Scholar
  39. 39.
    Raymond, J-F.:Traffic analysis: protocols, attacks, design issues, and open problems. In: Designing Privacy Enhancing Technologies, pp. 10–29. Springer (2001)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Department of Computer ScienceThe University of AucklandAucklandNew Zealand

Personalised recommendations