The challenge of privacy in the cloud

The cloud is the most effective way to allow collaborative work and to share information among multiple parties, possibly spread out over the world. Health data are an excellent example of this need, because sharing them can drastically improve analysis of pathologies, therapies, and protocols, even for the daily doctor’s activity. Unfortunately, no guarantee about the trustworthiness of the cloud provider is given. Therefore, the protection of data of users and organizations is a relevant problem. This article focuses on this topic, by analyzing the main issues arising when sensitive data are managed by the cloud. Among the others, the specific problem of access linkage is addressed in detail. Indeed, a clinical service might require the cloud to allow only anonymous (yet accountable) accesses, to protect privacy. Unfortunately, this is not enough, because, by linking the critical access of a user to another access in which processed data can lead to the user being identified (for example, a ticket service), the cloud can identify the user and thus break the privacy of the health service. To face this problem, we propose an authentication scheme supporting anonymity of users and unlinkability of service accesses. This goal is reached by combining a multi-party cryptographic protocol with the use of a cooperative P2P-based approach to access services in the cloud. Nevertheless, accountability of user access is always preserved, to prevent misuse and untraceable illegal actions.