Khan—Scalable Computing and Communications Pr Scalable Computing and Communications: Theory and Practice, First Edition. Samee U. Khan, Lizhe Wang, and Albert Y. Zomaya. © 2012 John Wiley & Sons, Inc. Published 2012 by John Wiley & Sons, Inc. 14 Privacy and Confidentiality in Cloud Computing Khaled M. Khan and Qutaibah Malluhi 14.1 INTRODUCTION Cloud computing is an emerging computation model in which applications, data, computational processes, computing resources, and operating platforms are offered to consumers as services. This model provides the opportunity for utility-like virtu- ally unlimited computational power and capacity at a lower cost with greater flex- ibility as well as elasticity. This new paradigm promotes and facilitates cost-effective outsourcing of computations and data in a shared infrastructure, enabling enter- prises to cut information technology costs while focusing on their core business functionalities. Therefore, enterprises are increasingly becoming interested in run- ning their business applications on the cloud. In spite of the obvious benefits offered by this open computing environment, privacy and confidentiality of consumers’ data and processes are the paramount concerns for the propelling cloud computing adoption in a wider scale. Cloud com- puting poses several privacy and confidentiality challenges that can be the major stumbling blocks for moving applications into the cloud. These concerns include the risk of data breaches, malicious corruption of computed results, uncertainty about data privacy, and lack of consumer control on their data assets residing on third- party infrastructure. Consumers’ data processed by cloud computing are often sensi- tive, such as containing commercial secrets, national security importance, or legal requirements related to privacy laws that pertain to medical records, financial records, educational records, and so on. 277 c14.indd 277 10/15/2012 1:52:02 PM