Cloud banking: An anonymous approach to mitigate insiders and targeted threats

摘要

Bank organization is considered as an honest party, strictly adhering the protocols. Bank depends on secure internet protocols, to fulfil the demand of remote access. As, the Bank is in physical possession of information about Client's identity and his transactions in the form of databases, a vicious insider may exploit this opportunity to perform targeted attacks. Currently, no secure mechanism exists preventing data theft attacks, especially perpetrated by an insider of the Bank. Assuming the Bank to be a non-trusted, semi-honest party and Client as an honest party, we propose a cloud based Banking approach that adopts security measures of cloud computing. We delink the identity of the client from his account and conceal the money using homomorphic encryption scheme. Thus, the Bank will have zero knowledge of Client and his transactions. Our approach mitigates the possibility of malicious insiders and targeted attacks and maintains the integrity of the transactions.