Abstract
This study proposes a business model to provision a security-enabled cloud via splitting cryptographic and cipher-storage sub-services off from the main cloud service, being independently operated by other SPs. The security/privacy enhancements of the model over the existing approaches are proved progressively but cogently. As such, the model can alleviate the improper user data disclosure risk, raise the privacy preservation of sensitive user information and therefore, mitigate the two information-leaking threats. The interoperability (among the centrifuged services) and migration issues (i.e., seamless system transferring and SLA amending) are illustrated and studied by using the extremely security-sensitive e-banking cloud service example.
| Original language | English |
|---|---|
| Pages (from-to) | 39-64 |
| Number of pages | 26 |
| Journal | 資訊安全通訊 |
| Volume | 22 |
| Issue number | 4 |
| Publication status | Published - 2016 |
Keywords
- service operation risk management
- security service and privacy
- distributed cloud systems organizing principle
- database and storage security
- management and querying of encrypted data
- cryptography and key management