Privacy in the Cloud

Abstract

The rise of cloud computing has changed the way of using computing services and resources. Consciously or unconsciously, people are enjoying the services provided by the cloud when they access Gmail, Google Calendar, Dropbox, Microsoft Office Live, or run hundreds of Amazon Elastic Compute Cloud (EC2) instances for processing large-scale data. Due to the high demand for cloud-based services, cloud computing has emerged as the dominant computing paradigm in recent years. Besides that, the flexibility and cost savings made possible through migration to the cloud infrastructure, have encouraged many companies to use cloud computing for their critical applications. However, the advantages of clouds come with increased security and privacy risks. Today’s cloud computing platforms face important challenges for protecting the confidentiality and privacy of data and applications outsourced to cloud infrastructures. Multi-tenancy and other inherent properties of the cloud computing model have introduced novel attack surfaces and threats to users’ privacy. Unless the privacy issues are resolved, cloud computing cannot and should not be used for sensitive applications, such as financial transactions or medical records, where privacy and confidentiality of users are crucial. In this chapter, we present the privacy issues in cloud computing systems and discuss the state-of-the-art solutions and open problems.