Jäger, HubertMonitzer, ArnoldRieken, RalfErnst, EdmundHühnlein, DetlefRoßnagel, Heiko2018-10-102018-10-102013978-3-88579-617-6https://dl.gi.de/handle/20.500.12116/17199Security and privacy have turned out to be major challenges of the further Internet evolution in general and cloud computing, in particular. This paper proposes a novel approach to safeguard against previously unimpeded insider attacks, referred to as Sealed Cloud. A canonical set of technical measures is described, which, in conjunction, sufficiently complicate and thus economically prevent insider access to unencrypted data. This paper shows the advantages versus end-to-end encryption relative to communication services. Another application of the Sealed Cloud, referred to as Sealed Freeze, provides a seminal solution to privacy issues pertaining to data retention.enText/Conference Paper1617-5468