Privacy Aware Web Services in the Cloud
Farshad Rahimi Asl, Fei Chiang, Wenbo He, Reza Samavi
Dept. of Computing and Software
McMaster University
{rahimiaf, fchiang, wenbohe, samavir}@mcmaster.ca
Abstract—Data privacy and security continue to hinder wider adoption of cloud based web services for small to medium businesses. Existing privacy aware systems for cloud environments either assume that web service providers are trustworthy and can adequately enforce a client's privacy policies, or adopt computationally expensive encryption techniques to minimize data security risks. In this paper, we propose PASiC, a framework for Privacy Aware RESTful Web Services in the Cloud. PASiC provides lightweight data privacy features by allowing clients to define their specific privacy policies and obfuscation/encryption methods, and to collaboratively engage with the service providers to enforce these policies. Our framework is designed to facilitate integration with legacy systems. Our experimental evaluation shows that PASiC safeguards sensitive data throughout the data staging process, and shows how it operates over different methods of encryption and obfuscation in terms of their performance.
I. INTRODUCTION
The increased complexity and size of modern datasets have motivated and expanded the use of cloud based web services to efficiently manage data preprocessing, analysis and visualization tasks. For small to medium businesses (SMBs), which have limited IT spending budgets, cloud based web services provide an attractive platform to access enterprise level data services within reasonable cost constraints. However, despite this ease of access, SMBs are often hesitant to upload and share their sensitive data with cloud web service providers due to uncertain data security and privacy guarantees. A typical communication between the web service provider and client involves the client transferring its data to the provider via a web services form. The Secure Socket Layer (SSL) is used to securely transfer the data between the clients and the web service providers. However, the data stored on the provider's servers is usually either in open (plain) form or encrypted but accessible to the provider for decryption, and is therefore susceptible to internal attacks leading to data confidentiality violations.
To assure clients and mitigate the security risks of internal threats, web service providers have adopted two strategies: 1) signing Service Level Agreements (SLAs) with clients to define security and privacy policies and the extent to which the clients consent to the data usage [1]; 2) storing data in an encrypted form on the cloud service provider's servers such that only the clients have access to the plain data. Each of these strategies has its own limitations. Relying on SLAs requires full trust in service providers. Furthermore, SLAs are usually written to protect the service provider from liabilities rather than to protect clients' data security and privacy [1]. Encryption methods that support an end-to-end solution (encrypted at the point the data leaves the client machine and decrypted at the point the data is consumed by another client machine) are promising; however, their practicality and support for common web data transfer protocols (e.g., the Representational State Transfer (REST) model) is a major challenge. For example, the class of Fully Homomorphic Encryption [2] and a number of its instances (e.g., [3], [4], [5], [6], [7]) either suffer from the high computational cost of cryptographic operations or support only a specific type of data model (e.g., CryptDB [8] supports SQL based applications). Therefore, there is a need for research on privacy aware web service solutions that do not rely only on SLAs to protect clients' privacy, yet are efficient and practical enough to support commonly used web data transfer protocols.
In this paper, we propose a model that provides Privacy Aware web Services in the Cloud (PASiC) and can use different methods of data obfuscation or encryption to protect sensitive client data. The masking method can be selected based on different factors such as the desired level of security, performance, and the computation cost over encrypted data. For example, for a cataloging system with no complex queries, the latest and most common masking techniques (e.g., Blowfish) can be used based on the desired performance and security level. In our model, clients select the data to be masked, such that the web service provider never has access to data in plain form.
The implementation of our model is based on the Representational State Transfer (REST) model, developing RESTful APIs that are lightweight, modular and scalable. These properties align with a web service provider's goal of minimizing cost and expanding the scope of operations. Our architecture is flexible, extensible and robust. The RESTful web service allows our solution to be deployed within existing legacy systems. PASiC permits sharing of keys within a single client or a group of clients for shared data privacy policies. Finally, PASiC allows data masking on the fly, reducing performance overhead during the communication protocol exchange. We make the following contributions:
• We present PASiC, a privacy aware framework for RESTful web services in the cloud. Our framework provides lightweight data privacy techniques that are designed to simplify integration with existing legacy systems in practice.
• PASiC can be equipped with different data masking techniques that are secure throughout the data staging process. Our model incorporates data masking keys that support key definitions among users within a single client, or groups of multiple clients.
• Our experimental evaluation shows how PASiC operates over different types of data masking methods, and provides improved performance between fast and stan-
978-1-5386-0683-4/17/$31.00 ©2017 IEEE
The 3rd IEEE Workshop on Security and Privacy in the Cloud (SPC 2017)