
A FRAMEWORK FOR USER CENTRED PRIVACY AND SECURITY IN THE CLOUD

Periodic Reporting for period 2 - CLARUS (A FRAMEWORK FOR USER CENTRED PRIVACY AND SECURITY IN THE CLOUD)

Reporting period: 2016-07-01 to 2017-12-31

Although cloud computing offers many benefits to its users, security issues such as confidentiality and privacy are still major concerns when migrating to the cloud. Traditional cloud security has been based on assuring customers that cloud providers follow sound security practices, hence compelling customers to blindly trust cloud providers. However, customers might be reluctant to outsource sensitive data due to lack of control over data storage and management. To reach its full potential, cloud computing needs solid security mechanisms that enhance trust by allowing customers greater control over the security and privacy of their data.
The main objective of the CLARUS project is to enhance trust in cloud computing services by developing a secure framework for the storage and processing of data outsourced to the cloud that allows end users to protect, monitor, audit and control the outsourced data without impairing the functionalities and cost-saving benefits of cloud services. The CLARUS solution provides the end user with a dedicated proxy, located in a trusted domain, that implements configurable security and privacy features towards the cloud provider while remaining transparent to the end user and end user applications.
To enforce security and privacy, CLARUS implements a variety of functionality-preserving data protection techniques, which include cryptographic methods (searchable encryption) and non-cryptographic ones (data anonymization and data splitting). Thanks to the variety and complementary features of these techniques, CLARUS supports a wide spectrum of heterogeneous cloud services, scenarios, and privacy and functional requirements. CLARUS also implements an attack-tolerant framework that is able to detect intrusions and automatically enforce mitigation procedures. Finally, CLARUS offers an interoperable, extensible and modular architecture that supports standard services, protocols and data formats, and which can be extended with additional protocols and data protection mechanisms.
The CLARUS solution has been demonstrated in a variety of scenarios, which include outsourcing e-health and geo-referenced data to the cloud. The results show that CLARUS is able to secure and preserve most cloud functionalities (storage, data retrieval, updates, search queries and even outsourced computations) while being transparent to end users and with small or even no impact on response times.
Firstly, we analyzed and specified the CLARUS use cases and elicited the CLARUS requirements (technical, legal and standardization-related). In parallel, we produced a survey detailing different kinds of solutions for the security and privacy challenges identified in CLARUS.
These were the inputs to design an architecture for CLARUS and to adapt and enhance the techniques selected to guarantee the privacy of outsourced data while preserving cloud functionalities as much as possible.
The implementation itself started with the definition of the CLARUS proxy interfaces. Afterwards, we devoted considerable effort to the development of the protocol module. This module allows running one or several protocol gateway(s), which are in charge of intercepting and processing requests and responses between client applications and cloud services (using specific protocols and data formats, such as PostgreSQL), and of protecting data on the fly. Thanks to the plug-in mechanism, the CLARUS protocol module is an extensible application that can be enhanced with new plug-ins to support additional protocols or additional data protection techniques. In the context of the CLARUS project, the supported protocols are PostgreSQL and OGC WFS3, which are those used in our use cases.
Moreover, three data operation modules have been fully implemented that deal with the use cases defined previously:
• Data Anonymization
• Data Splitting
• Searchable Encryption
During the implementation we carried out a continuous evaluation of the different modules, providing feedback to the CLARUS developers, together with a continuous assessment of the legal and standardization requirements. When a first version of the CLARUS platform was available, we carried out a full evaluation.
During the whole life of the project we have tried to ensure the visibility of CLARUS by carrying out several dissemination activities. We identified the target audience and made a comprehensive analysis of the CLARUS value proposition from both technical and business perspectives, leading to a market-facing overview of its target stakeholders, aligned with its current exploitation plans and business model.
Scientific results span all major CLARUS innovations, including innovative approaches to data anonymization, homomorphic and searchable encryption and intrusion detection. We have also highlighted the added value of CLARUS for the practical use cases, with sector-specific conference presentations and posters.
As the project has progressed, more focus has been given to market-facing communication and marketing activities, working together with the CloudWATCH2 service. This collaboration and CLARUS research have shown the timeliness of CLARUS in relation to the upcoming GDPR and its implications for many kinds of organizations.
Although the project is finished, CLARUS outputs are mature and ready for use. Thus, we have designed a marketing campaign that is taking place from February 2018.
To enhance privacy, CLARUS implements a set of privacy-enabling mechanisms to ensure that the user’s sensitive data are properly protected before they are outsourced to the cloud. Protection is provided in a way that preserves cloud service functionalities, even those that require performing operations (e.g. queries, transformations, calculations) on the protected data.
Regarding data encryption, CLARUS has explored methods to execute SQL queries over encrypted databases, providing a framework that supports private search queries over encrypted SQL databases.
Besides that, the data anonymization and data splitting methods also applied in CLARUS constitute a key innovation of CLARUS for enhancing security in cloud services, and they significantly outperform standard cryptographic techniques in terms of e.g. efficiency, flexibility of operations and of data access, and utility for CSPs. To the best of our knowledge, no other projects or existing commercial solutions for securing cloud transactions have considered this kind of solution.
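The following Python sketch is an added illustration of the trusted-domain proxy and the data splitting module described above (in the implementation section and again here); it is not CLARUS project code, and the splitting criterion it uses is an assumption for this example rather than the one CLARUS itself applies. It models data splitting as constraint-driven vertical fragmentation: a confidentiality constraint is a set of attributes that must never be co-located at one cloud provider, a singleton constraint marks an attribute as too sensitive to outsource at all, and the proxy keeps the random link ids that are the only way to join the fragments. The names (`SplittingProxy`, `fragment`), the sample records and the constraints are all constructed for this example.

```python
"""Toy trusted-domain proxy demonstrating data splitting (vertical fragmentation).

Added illustration, not CLARUS project code. Assumed model: a confidentiality
constraint is a set of attributes that must never be stored together at one
cloud provider; a singleton constraint marks an attribute as sensitive on its
own, so it is kept in the trusted domain rather than outsourced in clear.
"""
import secrets

# Constructed sample data in the spirit of the e-health use case.
ATTRIBUTES = ["name", "zip", "dob", "diagnosis", "ssn"]
RECORDS = [
    {"name": "Alice", "zip": "08001", "dob": "1980-05-01", "diagnosis": "flu", "ssn": "000-00-0001"},
    {"name": "Bob", "zip": "08002", "dob": "1975-11-23", "diagnosis": "diabetes", "ssn": "000-00-0002"},
    {"name": "Carol", "zip": "08001", "dob": "1990-02-14", "diagnosis": "flu", "ssn": "000-00-0003"},
]
CONSTRAINTS = [
    {"name", "diagnosis"},        # identity must not be linkable to diagnosis at one provider
    {"zip", "dob", "diagnosis"},  # quasi-identifiers plus diagnosis would allow re-identification
    {"ssn"},                      # sensitive on its own: never leaves the trusted domain
]


def fragment(attributes, constraints):
    """Greedy vertical fragmentation.

    Returns (local, fragments): `local` is the set of attributes kept at the
    proxy; `fragments` is a list of attribute sets, one per cloud provider,
    none of which fully covers any multi-attribute constraint.
    """
    local = {a for c in constraints if len(c) == 1 for a in c}
    multi = [c for c in constraints if len(c) > 1]
    fragments = []
    for attr in attributes:
        if attr in local:
            continue
        for frag in fragments:
            # Place the attribute in the first fragment that stays constraint-free.
            if not any(c <= (frag | {attr}) for c in multi):
                frag.add(attr)
                break
        else:
            fragments.append({attr})
    return local, fragments


class SplittingProxy:
    """Sits in the trusted domain; clients see one table, providers see fragments."""

    def __init__(self, attributes, constraints, providers):
        self.local_attrs, self.fragments = fragment(attributes, constraints)
        if len(self.fragments) > len(providers):
            raise ValueError("not enough providers for a safe fragmentation")
        self.providers = providers[: len(self.fragments)]  # dicts standing in for cloud stores
        self.constraints = constraints
        self.vault = {}  # trusted-domain store: link id -> locally kept attributes

    def store(self, record):
        # Random link id: the only join key across fragments, known only to the proxy.
        link = secrets.token_hex(8)
        for frag, store in zip(self.fragments, self.providers):
            store[link] = {a: record[a] for a in frag}
        self.vault[link] = {a: record[a] for a in self.local_attrs}
        return link

    def reconstruct(self, link):
        """Join the local part and every provider's fragment back into one row."""
        row = dict(self.vault[link])
        for store in self.providers:
            row.update(store[link])
        return row

    def query(self, attr, value):
        """Equality query on one attribute, evaluated wherever that attribute lives."""
        for frag, store in zip(self.fragments, self.providers):
            if attr in frag:
                hits = [lk for lk, row in store.items() if row[attr] == value]
                return [self.reconstruct(lk) for lk in hits]
        hits = [lk for lk, row in self.vault.items() if row.get(attr) == value]
        return [self.reconstruct(lk) for lk in hits]

    def violations(self):
        """Audit check: does any provider hold a complete multi-attribute constraint?"""
        bad = []
        for i, store in enumerate(self.providers):
            held = set().union(*(row.keys() for row in store.values()))
            bad += [(i, c) for c in self.constraints if len(c) > 1 and c <= held]
        return bad


def build_demo():
    """Outsource the constructed records across two stand-in cloud providers."""
    proxy = SplittingProxy(ATTRIBUTES, CONSTRAINTS, [{}, {}])
    for rec in RECORDS:
        proxy.store(rec)
    return proxy


if __name__ == "__main__":
    p = build_demo()
    print("fragments:", p.fragments, "kept local:", p.local_attrs)
    for r in p.query("diagnosis", "flu"):
        print(r)
    print("violations:", p.violations())
```

The point worth noting is where each query is answered: a lookup on `diagnosis` runs at the provider holding that fragment and returns rows that carry no name or quasi-identifiers, so the provider cannot relate a diagnosis to a person; only the proxy, with the link ids and the locally kept `ssn`, reassembles the full record. `violations()` is the kind of check an auditor would run against the actual provider contents rather than against the intended layout.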
The impact of CLARUS will be significant through the definition of privacy-preserving mechanisms that provide security assurance and user control of outsourced data in order to build trust in the cloud, without impairing functionalities such as ubiquitous access from heterogeneous devices, including mobile ones. Control of the security mechanisms applied to outsourced data will be given to the data owners themselves, together with the auditing mechanisms necessary to discover and manage incidents and build the required trust in the cloud. The beneficiaries of the CLARUS solution will be, on the one side, potential cloud end users such as companies, public organisations and e-government administrations, which could thereby be motivated to embrace the benefits of trusted cloud services, and on the other side the CSPs themselves, because the CLARUS solution might motivate more users to move to the cloud, which implies a market opportunity for CSPs.