The newly proposed CLARUS platform aims at protecting cloud customers' data while they are stored and processed at the cloud. This platform consists in a proxy located between customers and the cloud, which protects all the data exchanged between them.

CLARUS scenarios include different numbers of cloud customers and different numbers of cloud providers.

 

1 Cloud Customer connects to 1 Cloud Service Provider

1 Cloud Customer connects to 1 Cloud Service Provider The cloud service provider (CSP) is considered untrusted, honest but curious. The provider may access the stored information for monitoring purposes or simply to provide the required services to its customers, such as processing data or returning results of queries to data stored in a database.
Customers reside in a trusted domain and access the CSP services via the CLARUS proxy, which encrypts or anonymise the data as required before accessing CSP.
 

n Cloud Customers connect to 1 Cloud Service Provider

n Cloud Customers connect to 1 Cloud Service Provider Multiple clients of the same organisation share data stored on the Cloud. They use the same CLARUS proxy to operate on the data set.
 

n Cloud Customers connect to m Cloud Service Providers

n Cloud Customers connect to 1 Cloud Service Provider It is often desirable to store data splits in different locations so that no single provider can ever access the entire data set. CLARUS handles the connection management and data splitting and also stores the information about which data set is stored at which CSP. For all users, the storage and processing of data are entirely transparent, meaning that end-users will not even know whether the data are split or whether they are stored at a single CSP. The CSP will also be unaware of how data is being split, so that it could only access to partial views of the whole data.