PACE: Privacy-aware Cloud Ecosystems

PACE：隐私意识云生态系统

• 批准号: EP/R033439/1
• 负责人: Omer Rana
• 金额: $ 77.24万
• 依托单位: CARDIFF UNIVERSITY
• 依托单位国家: 英国
• 项目类别: Research Grant
• 财政年份: 2018
• 资助国家: 英国
• 起止时间: 2018 至 无数据
• 项目状态: 已结题
• 来源: https://gtr.ukri.org/projects?ref=EP%2FR033439%2F1
• 关键词: PACE; Privacy; aware; Cloud; Ecosystems

With increasing take up of externally provisioned and managed services (from government, finance, entertainment), often hosted over Cloud computing infrastructure, there is a realisation that on-line electronic services can involve an interlinked range of providers. Gartner forecasts that cloud computing market will grow at a compound annual growth rate of 32% (2016-2019), with the potential for additional providers to emerge in the market place. Ofcom's "Communication Market Report" indicates total UK telecoms business revenue were 37.5bn in 2015, indicating significant contribution of mobile services to the UK economy. With the availability of additional mobile services and infrastructure, there is interest in new business models that can facilitate additional subscribers to make use of these services. However, from a user's perspective, trust in the use of these services remains limited, as highlighted in the Pew Research Centre report ("The Fate of Online Trust in the Next Decade", August 2017), which surveyed 1,233 respondents - 24% of these respondents predicted that trust in on-line services is likely to diminish over time. The report revealed that although billions of people use "cellphones" and the internet now, many still do not use that connectivity for shopping, banking, and other important transactions due to limited trust in on-line providers. Some of the respondents surveyed indicated that the use of new technology (such as Blockchains) and regulatory compliance (and industry changes) will help increase trust in on-line services. As more people move online globally over the next decade, both opportunities and threats grow. It is now likely that due to the wide adoption of Cloud based provisioning, some of these mobile services will exist at the network edge. Consider, for instance, a coffee chain that initially provided Wifi services to customers, now working in collaboration with data centre providers to offer additional services to users (e.g. edge data storage, multimedia caching, etc). Such scenarios have been proposed by a number of organisations involved in Mobile Edge Computing (e.g. the European ETSI and the NIST "Big Data" Working Group). This project addresses security and privacy requirements of such environments, where multiple Cloud computing providers need to work collaboratively to offer services to a user. Users of these services only interact with a Web interface rather than the larger, distributed service ecosystem, and are often unfamiliar with the "ecosystem" of providers that are involved in offering them a particular capability. Their visibility beyond the first service provider is often missing, requiring them to "trust" the provider in handling and managing their data. This is a significant challenge, and according to a recent report from the Pew Research Centre, often deters the use of on-line services (especially for data providers which are new in the market place). They often entrust their data and identity without realising that the service provider may share their data with several back-end services (Cloud hosted analytics, advertisers). While this has been a problem in the past, it will be greatly exacerbated by the expansion of internet connected devices. In order to address this, the General Data Protection Regulation (GDPR) will be implemented to ensure that non-expert users can make informed decisions about their privacy and thereby give 'informed consent' to the use, sharing and re-purposing of their personal data. There are a number of challenges to facilitating this, both for individuals who need to provide consent and for data controllers who need to obtain it. As a means of addressing this, we propose a technological solution in the form of a mobile software "container" that will ensure that all access instances are securely logged. This will improve transparency, enable an audit trail of providers and facilitate greater trust between users and service providers.

随着外部提供和管理的服务（来自政府、金融、娱乐）（通常通过云计算基础设施托管）的使用不断增加，人们认识到在线电子服务可能涉及一系列相互关联的提供商。 Gartner 预测，云计算市场将以 32% 的复合年增长率增长（2016-2019 年），市场上可能会出现更多提供商。 Ofcom《通信市场报告》显示，2015年英国电信业务总收入为375亿美元，移动服务对英国经济的贡献巨大。随着更多移动服务和基础设施的出现，人们对能够促进更多用户使用这些服务的新商业模式产生了兴趣。然而，从用户的角度来看，对使用这些服务的信任仍然有限，正如皮尤研究中心报告（“未来十年在线信任的命运”，2017 年 8 月）所强调的那样，该报告调查了 1,233 名受访者 - 其中 24% 的受访者预测，随着时间的推移，对在线服务的信任可能会减弱。该报告显示，尽管现在有数十亿人使用“手机”和互联网，但由于对在线提供商的信任有限，许多人仍然不使用这种连接进行购物、银行业务和其他重要交易。一些接受调查的受访者表示，新技术（例如区块链）的使用和监管合规（以及行业变化）将有助于增加对在线服务的信任。未来十年，随着越来越多的人在全球范围内上网，机遇和威胁都会增加。现在，由于基于云的配置的广泛采用，其中一些移动服务可能会存在于网络边缘。例如，考虑一家最初为客户提供 Wifi 服务的咖啡连锁店，现在与数据中心提供商合作，为用户提供附加服务（例如边缘数据存储、多媒体缓存等）。许多参与移动边缘计算的组织（例如欧洲 ETSI 和 NIST“大数据”工作组）都提出了此类方案。该项目解决了此类环境的安全和隐私要求，在这些环境中，多个云计算提供商需要协作才能为用户提供服务。这些服务的用户仅与 Web 界面交互，而不是与更大的分布式服务生态系统交互，并且通常不熟悉为他们提供特定功能的提供商的“生态系统”。他们对第一个服务提供商之外的可见性常常缺失，这要求他们“信任”提供商处理和管理他们的数据。这是一个重大挑战，根据皮尤研究中心最近的一份报告，这常常阻碍在线服务的使用（特别是对于市场上的新数据提供商而言）。他们经常委托自己的数据和身份，却没有意识到服务提供商可能会与多个后端服务（云托管分析、广告商）共享他们的数据。虽然这在过去一直是一个问题，但随着互联网连接设备的扩展，这个问题将大大加剧。为了解决这个问题，将实施《通用数据保护条例》(GDPR)，以确保非专家用户能够对其隐私做出明智的决定，从而对其个人数据的使用、共享和重新利用给予“知情同意”。对于需要提供同意的个人和需要获得同意的数据控制者来说，促进这一点存在许多挑战。作为解决这个问题的一种手段，我们提出了一种移动软件“容器”形式的技术解决方案，该解决方案将确保所有访问实例都被安全记录。这将提高透明度，实现对提供商的审计追踪，并促进用户和服务提供商之间更大的信任。

项目成果

PARROT Interactive Privacy-Aware Internet of Things Application Design Tool

PARROT 互动隐私感知物联网应用设计工具

• DOI: 10.1145/3580880
• 发表时间: 2023
• 期刊: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies
• 作者: Alhirabi N

Risk-Based Service Selection in Federated Clouds

联合云中基于风险的服务选择

• DOI: 10.1109/ucc-companion.2018.00038
• 发表时间: 2018
• 作者: Ahmed U

Privacy-Patterns for IoT Application Developers

物联网应用程序开发人员的隐私模式

• DOI: 10.1145/3544793.3560333
• 发表时间: 2022
• 作者: Alhirabi N

Blockchain Based Auditable Access Control for Distributed Business Processes.

• DOI: 10.1109/icdcs47774.2020.00015
• 发表时间: 2020-11
• 期刊: Proceedings. International Conference on Distributed Computing Systems
• 作者: Akhtar A;Shafiq B;Vaidya J;Afzal A;Shamail S;Rana O
• 通讯作者: Rana O

Aggregated Capability Assessment (AgCA) For CAIQ Enabled Cross-cloud Federation

• DOI: 10.1109/tsc.2021.3073783
• 发表时间: 2022-09
• 期刊: IEEE Transactions on Services Computing
• 影响因子: 8.1
• 作者: Usama Ahmed;I. Raza;O. Rana;S. Hussain