While the storage of corporate data on remote servers is not a new development, current expansion of cloud computing justifies a more careful look at its actual consequences involving privacy and confidentiality issues.
We introduce a secure privacy preserving cloud database storage architecture and focus on the Software as a Service kind of utility computing model.
The proposed architecture addresses the important security question: ‘To what extent, an organization has to trust client users, system administrators and service providers?’ Remote access to corporate networks is already an essential aspect of the corporate work environment. Client systems are used by employees both inside the corporate Intranet, and remotely from home. In both scenarios, applications require effective requests and use of Cloud-based computing resources on the fly.
Privacy concerns arise whenever sensitive data is outsourced to the cloud. By using encryption, the cloud server (i.e. its administrator) is prevented from learning content in the outsourced databases. But how can we also prevent a local administrator from learning the database content. And how can we avoid scenarios such as: employees using cloud applications may learn more than it is necessary to perform their respective duties?
We will cover these questions in our ongoing project research activities.