Hardware-Based Security for Ensuring Data Privacy in the Cloud
In this chapter, the authors present a set of hardware-based security mechanisms for ensuring the privacy, integrity, and legal compliance of customer data as it is stored and processed in the cloud. The presented security system leverages the tamper-proof capabilities of cryptographic coprocessors to establish a secure execution domain in the computing cloud that is physically and logically protected from unauthorized access. The main design goal is to maximize users’ control in managing the various aspects related to the privacy of sensitive data by implementing user-configurable software protection and data privacy categorization mechanisms. Moreover, the proposed system provides a privacy feedback protocol to inform users of the different privacy operations applied to their data and to make them aware of any data leaks or risks that may jeopardize the confidentiality of their sensitive information. Providing a secure privacy feedback protocol increases users’ trust in cloud computing services, relieves their privacy concerns, and supports a set of accountable auditing services required to achieve legal compliance and certification.