Towards Secure Cloud Computing through a Separation of Duties
Matthias Huber, Christian Henrich, Jörn Müller-Quade, Carmen Kempka
Verlässliche Software für kritische Infrastrukturen at INFORMATIK 2011 - Informatik schafft Communities
Berlin 2011
Berlin 2011
Abstract: Cloud Computing offers many opportunities but also introduces new risks. A user outsourcing his database into the cloud loses control over this data. While the
service provider often secures the data against external threats using standard techniques the service providers themselves have to be trusted to ensure privacy. This work proposes a novel approach to provide security for database services without the need to trust the provider. We suggest employing a separation of duties by distributing critical information and services between two or more providers in a way that the confidentiality of a database can only be compromised if all providers are corrupted and work together. We also present a formal security notion for such a database.