Provided by: Australian Computer Society
Date Added: Nov 2010
In this paper the authors describe a security problem involving an online data repository, which acts as a proxy for multiple companies allowing their customers to perform online services (e.g., pay invoices). The repository's host is trusted to honestly fulfill its duties in maintaining the data in a manner consistent with each companies' required services. However, the information stored by the repository remains private in that the repository's host cannot openly read any companies' operational data, nor does it learn the identities of any companies' customers.