Accountability-preserving anonymous delivery of cloud services

Abstract

Cloud computing is an emerging paradigm whose importance both in large and small business is more and more increasing. As one of the reasons motivating the adoption of cloud computing solutions is to alleviate the load of companies related to the solution of security and disaster recovery issues, security is one of the main features to fulfill in a cloud computing system. Moreover, a number of new security and privacy problems arise, such as threats to user’s privacy due to the realistic possibility of having honest-but-curious cloud providers. In this scenario, we propose an authentication scheme supporting full anonymity of users and unlinkability of service requests. This is done by combining a multiparty cryptographic protocol with the use of a cooperative P2P-based approach to access services in the cloud. As the solution is thought to be adopted in e-government scenarios, accountability of user accesses is always preserved, to prevent misuse and illegal actions of users.