Workshop on Secure and Efficient Outsourcing of Storage and Computation of Data in the Cloud

Co-Organized by EU-H2020 – TREDISEC (Trust-aware, Reliable and Distributed Information Security in the Cloud) and EU-H2020 – WITDOM (empowering privacy and security in non-trusted environments)
to be held in conjunction with the ARES EU Projects Symposium 2016, held at the 11th International Conference on Availability, Reliability and Security (ARES 2016 – http://www.ares-conference.eu)

August 31 – September 2, 2016
Salzburg, Austria

Please find the detailed workshop program here

Cloud computing services are increasingly being adopted by individuals and companies owing to their various advantages such as high storage and computation capacities, reliability, and low maintenance costs. The advent of cloud storage and computation services, however, comes at the expense of data security and privacy. For example, when users upload data to the cloud, they tend to lose control over their data and have little means to verify, for example, how data is processed or stored.

Therefore, customers nowadays call for end-to-end security whereby only the data owner and authorized parties can have access to the data. End-to-end security has gained even more importance after the outbreak of data breaches and massive surveillance programs around the globe last year.

At the same time, end-to-end security poses a number of new challenges to cloud providers. How can they keep their costs low by making efficient use of their resources when users upload encrypted data? How can they offer computational services over encrypted user data? How can cloud providers perform computation over user data under the requirement that they do not know the specifics of the computational algorithm?

Agenda SECODIC 2016
Wednesday, August 31 2016
10:30 – 11:00 Introduction
“Empowering privacy and security in non-trusted environments”: a WITDOM overview – Elsa Prieto (Atos)
“Trust-aware, reliable and distributed information security in the Cloud”: a TREDISEC Overview – Ghassan Karame (NEC)
11:00 – 11:30 Keynote by N. Asokan, “Securing Cloud-assisted Services”
11:30 – 12:00 Private and Secure Data Storage in the Cloud (I) moderated by Eduarda Freire (IBM)
Eduarda Freire, talk on Data Masking
13:00 – 14:00 Private and Secure Data Storage in the Cloud (II)
Florian Thiemer (Fraunhofer), talk on “Data Sharing in the cloud with Proxy-Re-Encryption and Malleable Signature”
Jose Ruiz (Atos), talk on “Data-centric security is the right approach for Digital Single Market”
Networking session with panellists
15:15 – 16:45 Private and Secure Processing in the Cloud, moderated by Matthias Neugschwandtner (IBM)
Matthias Neugschwandtner (IBM), talk on “Challenges for Isolating Computational Resources in Cloud Software Stacks”
Sujoy Sinha Roy (KU Leuven), talk on “Hardware Assisted Fully Homomorphic Function Evaluation”
Daniel Slamanig (Graz University), talk on “Malleable Cryptography for Security and Privacy in the Cloud”
Networking session with panellists
17:00 – 18:00 Integrity and Verifiability of Outsourced Data/Computation, moderated by Melek Önen (Eurecom)
Melek Önen (Eurecom), talk on “Verifiable Polynomial Evaluation & Matrix Multiplication”
James Alderman (Royal Holloway University of London), talk on “Verifiable searchable encryption”
Workshop wrap-up
Keynote Speaker

N. Asokan, professor of Computer Science at Aalto University, Finland

Title: Securing cloud-assisted services

Abstract: All kinds of previously local services are being moved to a cloud setting. While this is justified by the scalability and efficiency benefits of cloud-based services, it also raises new security and privacy challenges. Solving them by naive application of standard security/privacy techniques can conflict with other functional requirements. In this talk, I will outline some cloud-assisted services and the apparent conflicts that arise while trying to secure these services. I will then discuss a specific instance: the case of cloud-assisted detection of malicious mobile application packages and the privacy concerns involved. I will discuss how techniques for private membership test, assisted by hardware security mechanisms, can be used to address these concerns.

Between 1995 and 2012, he worked in industrial research laboratories designing and building secure systems, first at the IBM Zurich Research Laboratory and then at Nokia Research Center. His primary research interest has been in applying cryptographic techniques to design secure protocols for distributed systems. Recently, he has also been investigating the use of Trusted Computing technologies for securing endnodes, and ways to make secure systems usable, especially in the context of mobile devices.

Asokan received his doctorate in Computer Science from the University of Waterloo, MS in Computer and Information Science from Syracuse University, and BTech (Hons.) in Computer Science and Engineering from the Indian Institute of Technology at Kharagpur. He is an ACM Distinguished Scientist and an IEEE Senior Member. For more information about Asokan’s work see his website here.

Project Abstracts

Addressing these questions, this workshop aims at discussing the recent advances in managing security and performance in the cloud as well as protection of data at rest and in transit.

This research is motivated not only by users’ satisfaction, but also by the enforcement of European Data Protection Regulations as well as institutions’ internal regulations. Since the majority of institutions lack the resources and computing power to deal with large amounts of data, outsourcing data to the cloud is strictly necessary, and not complying with those regulations means not advancing in research.

These challenges drive a number of EU projects to devise effective solutions that meet the growing need for data protection in a number of security-critical scenarios (e.g. Financial Services and ehealth). Two of these projects are TREDISEC and WITDOM:


TREDISEC
aims to design novel security primitives that ensure data protection and user privacy while maintaining the cost effectiveness of cloud systems. By doing so, TREDISEC aims to conciliate functional requirements in the cloud (such as multitenancy and data deduplication) with various security and privacy requirements to meet EU data protection regulations. This will provide considerable incentives for cloud providers to offer security services to their clients (since these services do not come at odds with resource sharing) and will increase the adoption of the cloud paradigm by companies and individuals (since end-to-end security is ensured at all times).


WITDOM
aims at developing an end-to-end secure-by-design framework for data storage and processing in non-trusted environments. This framework will be instantiated with two critical scenarios: a health scenario, based on genetic data outsourcing for large research or individual clinical data analyses, and a financial services scenario, based on customers’ data outsourcing for provision of secure and efficient financial services to the clients. The technologies used in WITDOM include privacy-enhancing techniques, homomorphic encryption, and cryptographic techniques for integrity and verifiability of outsourced processes.

During the workshop we will discuss hot topics related to end-to-end security, privacy, and data protection in the cloud and advances in the field. We therefore expect the workshop to give extensive insights into the state-of-the-art in cloud technologies and novel perspectives for ensuring security and privacy in the cloud. The workshop will be an excellent venue for security experts and cloud providers who want to keep up with new research advances in the area of cloud security.

List of Workshop Topics:
Privacy-Enhancing Technologies and Anonymity in cloud scenarios
Resource isolation for secure cloud storage and computation
Data and system availability and integrity in cloud
Data availability and integrity in outsourcing scenarios
Integrity and Verifiability of outsourced computation
Threats, vulnerabilities, and risk management in cloud
Security and Privacy in cloud enabling scenarios:
o Security and privacy in crowdsourcing
o Security and Privacy in E-Health
o Security and Privacy in Financial Services
o Security and privacy in multi-clouds and federated clouds
Security and privacy of distributed computations
Secure computation over encrypted data in cloud
Security and privacy in mobile cloud computing
Security and privacy in the Internet of Things
Applied cryptography in cloud scenarios
Key management in cloud scenarios
Selective information sharing
Security and privacy policies
Security, Privacy and Trust metrics
Security and privacy for Big data
Workshop Chairs

Melek Önen
EURECOM, France

Ghassan Karame
NEC, Germany

Matthias Neugschwandtner
IBM Research, Switzerland

Elsa Prieto
Atos, Spain

Eduarda Freire
IBM Research, Switzerland

Contact

For information, please contact Elena González.