CloudSEEP provides a middleware which allows to operate with data in the cloud safely without the need of specific hardware. The processing in the encrypted domain techniques used in CloudSEEP bring the higher level of privacy and confidentiallity, because the sensitive data are always kept encrypted when leave the client.
- User-Control: CloudSEEP uses client-managed and revokable keys that the server will never gain access to
- Full privacy guarantee: CloudSEEP conceals data during all their life-cycle: data never leave their encrypted state while they are processed at the Cloud, with no possible access from any unauthorized third party, or even by the provider itself
- Leveraging a new class of secure services: CloudSEEP allows Cloud services to be seamlessly provided on the encrypted data, and results will also be encrypted, only viewable by the owner of those data
- Seamless integration: CloudSEEP’s underlying technology does not require any specific or dedicated hardware element. A middleware layer transparetly provides all the encryption, blind encrypted operation and client-side decryption
This figure represents the high-level architecture of CloudSEEP.
The middleware layer provides full protection for the data in the Cloud, and leverages encrypted services with no extra hardware requirements and providing a dedicated API for encrypted operations.