Constructing and testing privacy-aware services in a cloud computing environment: challenges and opportunities

After decades of engineering development and infrastructural investment, Internet connections have become a commodity product in many countries, and Internetscale "cloud computing" has started to compete with traditional software business through its technological advantages and economy of scale. Cloud computing is a promising enabling technology of Internetware. One distinct characteristic of cloud computing is the global integration of data, logic, and users, but such integration magnifies a sharp concern about privacy, which is one of the most frequently cited reasons by enterprises for not migrating to cloud-based solutions. We argue that cloud-based systems should include privacy as a fundamental design goal, and that privacy in a cloud environment is bidirectional, covering both end users and application providers. End users need privacy-aware software services that prevent their private data from being exposed to other users or the cloud providers. Application providers need a privacy-protected testing methodology to prevent the companies' internal activities and product features from leaking to external users. Focusing on privacy protection, we discuss the research challenges in this unique design space, and explore potential solutions for enhancing privacy protection in several important components of the system.