CLARUS Proxy Architecture
The CLARUS architecture is modular with each functionality and security primitive running on a separate module for easy configuration, installation and troubleshooting.
CLARUS Proxy Solution
The CLARUS Proxy solution comprises five blocks:
- CLARUS Access manages user access to CLARUS through two modules: User registration and User authentication.
- Data Operations comprises the privacy modules that implement CLARUS security services with tools enabling privacy-preserving search, privacy-preserving computation, secure storage and retrieval.
- Access Policy and Key Management defines the access policies for the data outsourced to the cloud, stores the key material communicated to the Data Operations Modules when needed, and controls the communication with other proxies.
- Monitoring and Administration is for bootstrapping the CLARUS proxy. These modules provide interfaces to security managers to configure and manage the proxy.
- USER-CLARUS and the CSP-CLARUS Protocol modules are the interfaces for the end-user (client applications) and the cloud, respectively.
CLARUS Multiple-Proxy Deployments
CLARUS supports collaboration and data sharing between proxies, for example, between Proxy 1 (data requester) and Proxy 2 (the data owner). The transmission of sensitive information is prevented through authentication and data routing services, enabling data operation queries to be made securely between Proxy 1 and Proxy 2. In practice, Proxy 2 interacts with the cloud to process the requested query, prepares the response and forwards the result to Proxy 1 through a secure channel, e.g. VPN.