STRATUS: Towards Returning Data Control to Cloud Users [chapter]

Ryan K. L. Ko, Giovanni Russello, Richard Nelson, Shaoning Pang, Aloysius Cheang, Gill Dobbie, Abdolhossein Sarrafzadeh, Sivadon Chaisiri, Muhammad Rizwan Asghar, Geoffrey Holmes
2015 Lecture Notes in Computer Science  
When we upload or create data into the cloud or the web, we immediately lose control of our data. Most of the time, we will not know where the data will be stored, or how many copies of our files are there. Worse, we are unable to know and stop malicious insiders from accessing the possibly sensitive data. Despite being transferred across and within clouds over encrypted channels, data often has to be decrypted within the database for it to be processed. Exposing the data at some point in the cloud to a few privileged users is undoubtedly a vendor-centric approach, and hinges on the trust relationships data owners have with their cloud service providers. A recent example of the abuse of the trust relationship is the high-profile Edward Snowden case. In this paper, we propose a user-centric approach which returns data control to the data owners, empowering users with data provenance, transparency and auditability, homomorphic encryption, situation awareness, revocation, attribution and data resilience. We also cover key elements of the concept of user data control. Finally, we introduce how we attempt to address these issues via the New Zealand Ministry of Business Innovation and Employment (MBIE)-funded STRATUS (Security Technologies Returning Accountability, Trust and User-centric Services in the Cloud) research project.
doi:10.1007/978-3-319-27161-3_6 fatcat:mberng3n2zhslmosqcqf3nraau