For both corporate and individual users, cloud computing is becoming the de facto computing platform. Applications reside in the cloud. Data is stored in the cloud. Everything is in the cloud. Accompanying this are the security and privacy problems faced by all cloud users. How do we know that our data is secure in the cloud? Many of these concerns can be solved by encrypting the data before storing it in the cloud.

However, there is one thing that cannot be encrypted: the sequence of actions or commands executed by cloud users when accessing cloud applications or data. Though it is unclear whether knowing these traces could result in harm to cloud users, it is still undesirable, to say the least, that your actions in the cloud might be monitored and recorded for later use.

This paper studies this problem and proposes online action randomization algorithms to mitigate it. Basically, the algorithms insert pseudo and random actions into the traces to make them unintelligible. The authors propose several algorithms and analyze their performance.

The actions studied in this paper are assumed to all be the same. In reality, each action has different attributes. Actions could also have, for example, sequential relations, timing relations, and position relations. These relations make the insertion of phony actions more difficult, and make the detection of these false actions easier for bad guys.