
An Anonymous and Distributed Approach to Improving Privacy in Cloud Computing: An Analysis of Privacy-Preserving Tools & Applications


Abstract

The seemingly limitless computing resources and power of the cloud have made it ubiquitous. However, despite its utility and widespread adoption in several everyday applications, the cloud still suffers from several trust and privacy concerns. Many of these concerns are validated by the endless reports of cyber-attacks that compromise the private information of large numbers of users.

A review of the literature reveals the following challenges with privacy in cloud computing: (1) Although there is a wealth of approaches that attempt to prevent cyber-attacks, these approaches ignore the reality that system compromises are inevitable; every system can and will be compromised. (2) There are a handful of metrics for the security of systems; however, the current literature is lacking in privacy metrics that can be used to compare privacy across various systems. (3) One of the difficulties with addressing privacy in cloud computing is the inevitable trade-off between privacy and utility; many privacy-preserving techniques sacrifice more utility than needed in an attempt to achieve the unattainable, perfect privacy.

In this dissertation we present our contributions that address the aforementioned privacy challenges supported by the literature. We base our approach on the assumption that every system can and will be compromised; we focused on mitigating the adverse effects of a cyber-attack by limiting the amount of information that is compromised during an attack. Our contribution is twofold and includes (1) a set of tools for designing privacy-mitigating applications and measuring privacy and (2) two applications designed using the aforementioned tools.

We will first describe three tools that we used to design two applications. These tools are: (1) The processing graph and its collection of creation protocols. The processing graph is the mechanism we used to partition data across multiple units of cloud-based storage and processing; it also manages the flow of processed information between components and is customizable based on the specific needs of the user. (2) A privacy metric based in information theory. We use this metric to compare the amount of information compromised when centralized and distributed systems are attacked. (3) The third tool is the extension of the double-locked box protocol in the cloud environment. The double-locked box protocol facilitates anonymous between two entities via an intermediary.

We then present two applications that utilize the aforementioned tools to improve the privacy of storing and processing a user's data. These applications are (1) the anonymous tax preparation application and (2) the distributed insurance clearinghouse and distributed electronic health record. We show how the creation protocols are used to establish processing graphs to privately complete a user's tax form and process a patient's insurance claim form. We also highlight the future work in medical research that is made possible because of our contributions; our approach allows for medical research to be conducted on data without risking the identity of patients.

For each application we perform a privacy analysis that employs the privacy metric; in these privacy analyses, we compare both applications to their centralized counterparts and show the reduction in the amount of information revealed during an attack. Based on our analysis, the anonymous tax preparation application reduces the amount of compromised information in the event of an attack by up to 64%. Similarly, the distributed insurance clearinghouse reduces the amount of patient data revealed during an attack by up to 79%.

Bibliographic record

  • Author

    Peters, Emmanuel Sean.

  • Author affiliation

    Columbia University.

  • Degree-granting institution Columbia University.
  • Subject Electrical engineering; Computer science.
  • Degree Ph.D.
  • Year 2017
  • Pages 226 p.
  • Total pages 226
  • Original format PDF
  • Language of text eng
