Title of invention: Processing data privately in the cloud
Abstract: While cloud services can offer processing from personal devices or synthesized data from multiple sources, many users prefer their data to remain private. According to some embodiments, private user data may be processed in the cloud without revealing the user identity to the cloud service provider. Only the user or an authorized agent of the user and the service's hardware platform have access to certain keys. The service application software and operating system only have access to encrypted data.
Publication number: US9521126(B2) Publication date: 2016.12.13
Application number: US201314124742 Filing date: 2013.08.21
Applicant: Intel Corporation Inventors: Yarvis Mark D.;Boelter Joshua;Garg Sharad K.;Li Hong
Classification: H04L29/06 Main classification: H04L29/06
Agency: Trop Pruner & Hu, P.C. Agent: Trop Pruner & Hu, P.C.
Principal claim: 1. A method comprising: establishing a secure channel with a trusted party in a cloud via an untrusted cloud service provider; receiving a trusted party public key from the trusted party, without disclosing the trusted party public key to the provider, via the secure channel through the provider; sending encrypted private data via the secure channel through the provider for processing by the trusted party separately from the provider, wherein sending said encrypted private data comprises sending, to the trusted party, a first session key encrypted using the trusted party public key, and a client public key, the private data, and a nonce all encrypted together using the first session key; receiving encrypted results of said processing from the trusted party via said secure channel through the provider, wherein receiving said encrypted results comprises receiving, from the trusted party, a second session key encrypted using the client public key, and the results of said processing and the nonce both encrypted together using the second session key; and obtaining decrypted results of said processing, wherein obtaining said decrypted results comprises decrypting the second session key using a client private key, and decrypting the results of said processing and the nonce using the second session key.
Address: Santa Clara CA US
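The message flow of claim 1, sketched with Node.js's built-in crypto module as an added example that is not taken from the patent or from Intel. RSA-OAEP, AES-256-GCM, the JSON framing and every function and field name are assumptions, and so is the client's rejection of a response whose nonce does not match.

```javascript
// Added illustration of the claim-1 message flow; RSA-OAEP, AES-256-GCM and
// all function and field names are assumptions, not taken from the patent.
const crypto = require('node:crypto');

const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const oaep = (key) => ({ key, oaepHash: 'sha256' });

// Encrypt a JSON-serialisable object under a fresh session key and wrap that
// key with the recipient's RSA public key.
function seal(recipientPub, obj) {
  const sessionKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([c.update(JSON.stringify(obj), 'utf8'), c.final()]);
  return { wrappedKey: crypto.publicEncrypt(oaep(recipientPub), sessionKey),
           iv, body, tag: c.getAuthTag() };
}

// Unwrap the session key with the private key, then decrypt and authenticate.
function open(recipientPriv, msg) {
  const sessionKey = crypto.privateDecrypt(oaep(recipientPriv), msg.wrappedKey);
  const d = crypto.createDecipheriv('aes-256-gcm', sessionKey, msg.iv);
  d.setAuthTag(msg.tag);
  return JSON.parse(Buffer.concat([d.update(msg.body), d.final()]).toString('utf8'));
}

// Client: first session key under the trusted party public key; client public
// key, private data and nonce together under that session key.
function clientRequest(trustedPub, clientPub, privateData) {
  const nonce = crypto.randomBytes(16).toString('hex');
  const clientPublicKey = clientPub.export({ type: 'spki', format: 'pem' });
  return { nonce, request: seal(trustedPub, { clientPublicKey, privateData, nonce }) };
}

// Trusted party: processes the data, then returns results and the same nonce
// under a second session key wrapped with the client public key.
function trustedPartyProcess(trustedPriv, request, processFn) {
  const { clientPublicKey, privateData, nonce } = open(trustedPriv, request);
  return seal(crypto.createPublicKey(clientPublicKey), { results: processFn(privateData), nonce });
}

// Client: decrypt; rejecting a mismatched nonce is an assumed use of the nonce.
function clientReceive(clientPriv, response, expectedNonce) {
  const { results, nonce } = open(clientPriv, response);
  if (nonce !== expectedNonce) throw new Error('nonce mismatch: stale or substituted response');
  return results;
}
```

The untrusted provider relays only the `request` and `response` objects, whose contents are ciphertext to anyone without the trusted party's or the client's private key.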