ABSTRACT
Application development for the cloud is already challenging because of the complexity caused by the ubiquitous, interconnected, and scalable nature of the cloud paradigm. But when modern secure and privacy aware cloud applications require the integration of cryptographic algorithms, developers even need to face additional challenges: An incorrect application may not only lead to a loss of the intended strong security properties but may also open up additional loopholes for potential breaches some time in the near or far future. To avoid these pitfalls and to achieve dependable security and privacy by design, cryptography needs to be systematically designed into the software, and from scratch. We present a system architecture providing a practical abstraction for the many specialists involved in such a development process, plus a suitable cryptographic software development life cycle methodology on top of the architecture. The methodology is complemented with additional tools supporting structured inter--domain communication and thus the generation of consistent results: cloud security and privacy patterns, and modelling of cloud service level agreements. We conclude with an assessment of the use of the Cryptographic Software Design Life Cycle (CryptSDLC) in a EU research project.
- Christopher Alexander, Sara Ishikawa, and Murray Silverstein. 1977. A Pattern Language: Towns, Buildings, Construction. Oxford University Press.Google Scholar
- Steven Arzt, Sarah Nadi, Karim Ali, Eric Bodden, Sebastian Erdweg, and Mira Mezini. 2015. Towards secure integration of cryptographic software. In 2015 ACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software (Onward!) - Onward! 2015. ACM Press, New York, New York, USA, 1--13. Google ScholarDigital Library
- Christina Brzuska, Henrich C. Pöhls, and Kai Samelin. 2012. Non-Interactive Public Accountability for Sanitizable Signatures. In Revised Selected Papers of European PKI Workshop: Research and Applications (EuroPKI 2012) (LNCS), Vol. 7868. Springer, 178--193. Google ScholarDigital Library
- Jan Camenisch, Robert R. Enderlein, Stephan Krenn, Ralf Küsters, and Daniel Rausch. 2016. Universal Composition with Responsive Environments. IACR Cryptology ePrint Archive 2016 (2016), 34. http://eprint.iacr.org/2016/034Google Scholar
- Ran Canetti. 2001. Universally Composable Security: A New Paradigm for Cryptographic Protocols. In 42nd Annual Symposium on Foundations of Computer Science, FOCS 2001. IEEE Computer Society, 136--145. Google ScholarDigital Library
- Ran Canetti, Ling Cheung, Dilsun Kirli Kaynar, Moses Liskov, Nancy A. Lynch, Olivier Pereira, and Roberto Segala. 2006. Time-Bounded Task-PIOAs: A Framework for Analyzing Security Protocols. In Distributed Computing, 20th International Symposium, DISC 2006 (Lecture Notes in Computer Science), Shlomi Dolev (Ed.), Vol. 4167. Springer, 238--253. Google ScholarDigital Library
- Ran Canetti, Yevgeniy Dodis, Rafael Pass, and Shabsi Walfish. 2007. Universally Composable Security with Global Setup. In Theory of Cryptography, 4th Theory of Cryptography Conference, TCC 2007 (Lecture Notes in Computer Science), Salil P. Vadhan (Ed.), Vol. 4392. Springer, 61--85. Google ScholarDigital Library
- Noopur Davis, Watts Humphrey, Samuel T. Redwine, Gerlinde Zibulski, and Gary McGraw. 2004. Processes for producing secure software: Summary of US national Cybersecurity Summit subgroup report. IEEE Security and Privacy 2, 3 (may 2004), 18--25. Google ScholarDigital Library
- Nick Doty and Mohit Gupta. 2013. Privacy Design Patterns and Anti-Patterns. In Workshop "A Turn for the Worse: Trustbusters for User Interfaces Workshop" at SOUPS 2013 Newcastle, UK.Google Scholar
- Pravir. et al. Chandra. 2009. Software Assurance Maturity Model. (2009), 96 pages. https://www.owasp.org/index.php/OWASP{_}SAMM{_}ProjectGoogle Scholar
- European Commission. 2016. Regulation (EU) 2016/679 of The European Parliament and of The Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). (2016). http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679 (online 20.7.2017).Google Scholar
- S. Fischer-Hübnner, C. Köffel, J.-S. Pettersson, P. Wolkerstorfer, C. Graf, and L. Holtz. 2011. HCI Pattern Collection--Version 2. (2011). http://primelife.ercim.eu/results/documents/111-413d (PrimeLife project).Google Scholar
- Erich Gamma, Richard Helm, Ralph Johnson, and John Vlissides. 1994. Design Patterns: Elements of Reusable Object-Oriented Software. Addison-Wesley. ISBN 0-201-63361-2. Google ScholarDigital Library
- Harry Halpin. 2018. A Roadmap for High Assurance Cryptography. Springer, Cham, 83--91.Google Scholar
- Andreas Happe, Florian Wohner, and Thomas Lorünser. 2017. The Archistar Secret-Sharing Backup Proxy. In Proceedings of the 12th International Conference on Availability, Reliability and Security (ARES '17). ACM, New York, NY, USA, 88:1---88:8. Google ScholarDigital Library
- Michael Howard and Steve. Lipner. 2006. The security development lifecycle: SDL, a process for developing demonstrably more secure software. Microsoft Press. Google ScholarDigital Library
- Aleksandar Hudic, Matthias Flittner, Thomas Lorunser, Philipp M. Radl, and Roland Bless. 2016. Towards a Unified Secure Cloud Service Development and Deployment Life-Cycle. In 2016 11th International Conference on Availability, Reliability and Security (ARES). IEEE, 428--436.Google ScholarCross Ref
- A Hudic, M Tauber, T Lorunser, M Krotsiani, G Spanoudakis, A Mauthe, and E R Weippl. 2014. A Multi-layer and MultiTenant Cloud Assurance Evaluation Methodology. In Cloud Computing Technology and Science (CloudCom), 2014 IEEE 6th International Conference on. 386--393. Google ScholarDigital Library
- ISO. 2016. Information technology --- Cloud computing --- Service level agreement (SLA) framework and technology --- Part 1: Overview and concepts. Standard. International Organization for Standardization, International Electrotechnical Commission. Final Draft.Google Scholar
- ISO. 2017. Information technology --- Cloud computing --- Service level agreement (SLA) framework --- Part 4: Components of Security and of Protection of PII. Standard. International Organization for Standardization, International Electrotechnical Commission. Committee Draft.Google Scholar
- K R Jayaram and Aditya P Mathur. 2005. Software Engineering for Secure Software - State of the Art: A Survey. Technical Report. Purdue University. 1--35 pages. papers3://publication/uuid/f46d5eb9-0f9d-4b70-a8da-34c0c6b046abGoogle Scholar
- Hugo Krawczyk. 2001. The order of encryption and authentication for protecting communications (or: How secure is SSL?). In Annual International Cryptology Conference. Springer, 310--331. Google ScholarDigital Library
- Ralf Küsters and Max Tuengerthal. 2013. The IITM Model: a Simple and Expressive Model for Universal Composability. IACR Cryptology ePrint Archive 2013 (2013), 25.Google Scholar
- Thomas Länger, Ala Alaqra, Simone Fischer Hübner, Erik Framner, John-Sören Pettersson, and Katrin Riemer. 2018. HCI Patterns for Cryptographically Equipped Cloud Services. Springer LNCS, Proceedings of the HCI International 2018-20th International Conference on Human-Computer Interaction, Las Vegas, USA (2018).Google Scholar
- Thomas Länger, Henrich C. Pöhls, and Solange Ghernaouti. 2016. Selected Cloud Security Patterns to Improve End User Security and Privacy in Public Clouds. In Privacy Technologies and Policy - 4th Annual Privacy Forum (APE 2016). Springer. http://henrich.poehls.com/papers/2016_LaengerPoehlsGhernaouti_SecurityPatternsForClouds_ENISA-APF.pdf This is a pre-print.Google ScholarCross Ref
- Thomas Loruenser, Andreas Happe, and Daniel Slamanig. 2015. ARCHISTAR: Towards Secure and Robust Cloud Based Data Sharing. In Cloud Computing Technology and Science (CloudCom), 2015 IEEE 7th International Conference on. 371--378. Google ScholarDigital Library
- Thomas Loruenser, Daniel Slamanig, Thomas Länger, and Henrich C. Pöhls. 2016. PRISMACLOUD Tools: A Cryptographic Toolbox for Increasing Security in Cloud Services. In 2016 11th International Conference on Availability, Reliability and Security (ARES). 733--741.Google Scholar
- Thomas Lorünser, Stephan Krenn, Christoph Striecks, and Thomas Länger. 2017. Agile cryptographic solutions for the cloud. e & i Elektrotechnik und Informationstechnik 134, 7 (nov 2017), 364--369.Google Scholar
- Thomas Lorünser, Thomas Länger, and Daniel Slamanig. 2015. Cloud Security and Privacy by Design. In E-Democracy âĂŞ Citizen Rights in the World of the New Computing Paradigms, Sokratis K Katsikas and Alexander B Sideridis (Eds.). Communications in Computer and Information Science, Vol. 570. Springer International Publishing, 202--206.Google Scholar
- Thomas Lorünser, CharlesBastos Rodriguez, Denise Demirel, Simone Fischer-Hübner, Thomas Groß, Thomas Länger, Mathieu des Noes, HenrichC. Pöhls, Boris Rozenberg, and Daniel Slamanig. 2015. Towards a New Paradigm for Privacy and Security in Cloud Services. In Cyber Security and Privacy, Frances Cleary and Massimo Felici (Eds.). Communications in Computer and Information Science, Vol. 530. Springer International Publishing, 14--25.Google Scholar
- Thomas Lorünser, Daniel Slamanig, Thomas Länger, and Henrich C Pöhls. 2016. A New Architecture for Developing Cryptographic Cloud Services. ERCIM News 2016, 106 (2016). http://ercim-news.ercim.eu/enl06/special/a-new-architecture-for-developing-cryptographic-cloud-servicesGoogle Scholar
- Gary McGraw. 2002. Building Secure Software: Better than Protecting Bad Software. IEEE Software 19, 6 (nov 2002), 57--58. Google ScholarDigital Library
- G. Mcgraw. 2004. Software security. IEEE Security & Privacy Magazine 2, 2 (mar 2004), 80--83. Google ScholarDigital Library
- Alena Naiakshina, Anastasia Danilova, Christian Tiefenau, Marco Herzog, Sergej Dechand, and Matthew Smith. 2017. Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS '17. ACM Press, New York, New York, USA, 311--328. arXiv:1708.08759 Google ScholarDigital Library
- Claus Pahl and Pooyan Jamshidi. 2016. Microservices: A Systematic Mapping Study. (2016). Google ScholarDigital Library
- Henrich C. Pöhls and Focke Höhne. 2011. The Role of Data Integrity in EU Digital Signature Legislation - Achieving Statutory Trust for Sanitizable Signature Schemes. In Revised Selected Papers from the 7th International Workshop on Security and Trust Management (STM 2011) (LNCS), Vol. 7170. Springer, 175--192.Google Scholar
- Henrich C. Pöhls and Thomas Länger. 2017. Einsetzbare Kryptografie für die Cloud. Zeitschrift für Datenrecht und Informationssicherheit (digma) 17, 1 (Mar. 2017), 78--81.Google Scholar
- Markus Schumacher, Eduardo Fernandez-Buglioni, Duane Hybertson, Frank Buschmann, and Peter Sommerlad. 2006. Security Patterns - Integrating Security and Systems Engineering. John Wiley & Sons, Ltd. West Sussex, England. Google ScholarDigital Library
- Osmanbey Uzunkol and Mehmet SabÄśr Kiraz. 2018. Still wrong use of pairings in cryptography. Appl. Math. Comput. 333 (sep 2018), 467--479.Google Scholar
- Frank W.J. van Geelkerken, Henrich C. Pöhls, and Simone Fischer-Hübner. 2015. The legal status of malleable- and functional signatures in light of Regulation (EU) No 910/2014. In Proc. of 3rd International Academic Conference of Young Scientists on Law & Psychology 2015 (LPS 2015). L'viv Polytechnic Publishing House, 404--410. https://drive.google.com/file/d/0B-Yu3Ni9z3PXM2lBajhCXzhoWk0/viewGoogle Scholar
- Rodolfo Villarroel, Eduardo Fernández-Medina, and Mario Piattini. 2005. Secure information systems development - A survey and comparison. Computers and Security 24, 4 (jun 2005), 308--321. Google ScholarDigital Library
Index Terms
- CryptSDLC: Embedding Cryptographic Engineering into Secure Software Development Lifecycle
Recommendations
Integrating Security and Privacy in HCD-Scrum
CHItaly '21: Proceedings of the 14th Biannual Conference of the Italian SIGCHI ChapterNowadays, software development must face the challenge of integrating security and privacy elements from the earliest stages of any software development process. A correct and complete implementation starting from the requirements definition allows to ...
Public-Key encryption from ID-Based encryption without one-time signature
OTM'06: Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part IDesign a secure public key encryption scheme and its security proof are one of the main interests in cryptography In 2004, Canetti, Halevi and Katz [8] constructed a public key encryption (PKE) from a selective identity-based encryption scheme with a ...
A novel identity-based strong designated verifier signature scheme
Unlike ordinary digital signatures, a designated verifier signature scheme makes it possible for a signer to convince a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third ...
Comments