Biblio

With the increasing advancement of services on the Internet, due to the strengthening of cloud computing, the exchange of data between providers and users is intense. Management of access control and applications need data to identify users and/or perform services in an automated and more practical way. Applications have to protect access to data collected. However, users often provide data in cloud environments and do not know what was collected, how or by whom data will be used. Privacy of personal data has been a challenge for information security. This paper presents the development and use of a privacy policy strategy, i. e., it was proposed a privacy policy model and format to be integrated with the authorization task. An access control language and the preferences defined by the owner of information were used to implement the proposals. The results showed that the strategy is feasible, guaranteeing to the users the right over their data.

The trend towards Cloud computing infrastructure has increased the need for new methods that allow data owners to share their data with others securely taking into account the needs of multiple stakeholders. The data owner should be able to share confidential data while delegating much of the burden of access control management to the Cloud and trusted enterprises. The lack of such methods to enhance privacy and security may hinder the growth of cloud computing. In particular, there is a growing need to better manage security keys of data shared in the Cloud. BYOD provides a first step to enabling secure and efficient key management, however, the data owner cannot guarantee that the data consumers device itself is secure. Furthermore, in current methods the data owner cannot revoke a particular data consumer or group efficiently. In this paper, we address these issues by incorporating a hardware-based Trusted Platform Module (TPM) mechanism called the Trusted Extension Device (TED) together with our security model and protocol to allow stronger privacy of data compared to software-based security protocols. We demonstrate the concept of using TED for stronger protection and management of cryptographic keys and how our secure data sharing protocol will allow a data owner (e.g, author) to securely store data via untrusted Cloud services. Our work prevents keys to be stolen by outsiders and/or dishonest authorised consumers, thus making it particularly attractive to be implemented in a real-world scenario.