• Facts:
    • Project name: Privacy-Preserving Computation in the Cloud
    • Project acronym: PRACTICE
    • Project Coordinator: Technikon Forschungs- und Planungsgesellschaft mbH
    • Project start: November 2013
    • Project duration: 3 years
www.practice-project.eu



This project has received funding from the European Union’s Seventh Framework Programme for research, technological development and demonstration under grant agreement n° 609611

 

Project Partners:
TECHNIKON
SAP
TUDA
ALX
ARC
BIU
CYBER
UWUERZ
INTEL
KUE
INESC
AU
TUE
BRISTOL
DTA
UMIL
PAR
UGOE

PRACTICE

Privacy-Preserving Computation in the Cloud

 

Mission of PRACTICE:

The mission of PRACTICE is to design cloud computing technologies that allow computations in the cloud thus enabling new business processes while keeping the used data secret. Unlike today – where insiders can access sensitive data – PRACTICE will prevent cloud providers and other unauthorized parties from obtaining secret or sensitive information.

 

Motivation:

Information processed by businesses, government organizations and individuals often comes with confidentiality and integrity requirements that the processing party must adhere to. As a result, data processors must deploy security controls for their ICT infrastructure, protecting it against external as well as internal attackers. This is relatively easy when this infrastructure is local and controlled by the processing party, but much harder when it is provided by an external service provider. Cloud services promise great benefits in terms of financial savings, easy and convenient access to data and services, as well as business agility. Organizations and individuals therefore choose to outsource their data to the cloud, where an untrusted party is in charge of storage and computation. A major concern for the adoption of cloud computing is the inability of the cloud to build user trust in the information security measures deployed in cloud services. Common computing techniques cannot be applied on encrypted data, and therefore the data and the programs that compute on the data must be decrypted before being run on the cloud infrastructure. A comprehensive solution for securing the cloud computing infrastructure can be based on cryptographic mechanisms of secure computation. These mechanisms allow for distributed computation of arbitrary functions of private (secret) inputs, while hiding any information about the inputs to the functions. Put differently, these mechanisms support computation on encrypted data. We identify several settings where secure computation in the cloud is needed. PRACTICE will address all of these settings:
  • Hiding user data from other users of the same cloud service
  • Hiding user data from the cloud provider
  • Securing computation between several servers
  • Securing computation between untrusting parties

 

Objectives:

The PRACTICE project aims to build a secure cloud framework that allows for the realization of advanced and practical cryptographic technologies providing sophisticated security and privacy guarantees for all parties in cloud- computing scenarios.
An advanced and comprehensive framework represents a key factor for the achievement of the following PRACTICE project goals:
  • data confidentiality and integrity, eliminating need for users to trust cloud providers;
  • computation on encrypted data, preventing even insiders from disclosing secrets or disrupting the service;
  • flexible architecture and tools allowing seamless migration from execution on unchanged clouds today towards new platforms while gradually adding levels of protection.

This will open new markets, increase their market share, and possibly lead to the acquisition of foreign markets where reach has been limited due to confi dentiality and privacy concerns. The PRACTICE project will:
  • enable European customers to save costs by globally outsourcing to the cheapest providers while still maintaining guaranteed security and legal compliance;
  • deliver a Secure Platform for Enterprise Applications and Services providing application servers and automatic tools enabling privacy-sensitive applications on the cloud;
  • protect user data from cloud providers and other users, supporting cloud-aided secure computations by mutually distrusting parties.