Versatile Key Management for Secure Cloud Storage

Graf, Sebastián; Lang, Patrick; Hohenadel, Stefan A.; Waldvogel, Marcel

doi:10.1109/srds.2012.80

Cited by 8 publications

(9 citation statements)

References 12 publications

(16 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Graf et al [12] presented an IaaS storage protection scheme addressing access control. The authors analyse access rights management of shared versioned encrypted data on cloud infrastructure for a restricted group and propose a scalable and flexible key management scheme.…”

Section: Secure Storagementioning

confidence: 99%

“…Access rights are represented as a graph, making a distinction between data encryption keys and encrypted updates on the keys and enabling flexible join/leave client operations, similar to properties presented by the protocols in this paper. Despite its advantages, the requirement for client-side encryption limits the applicability of the scheme in [12] and introduces important functional limitations on indexing and search. In our model, all cryptographic operations are performed on trusted IaaS compute hosts, which are able to allocate more computational resources than client devices.…”

Section: Secure Storagementioning

confidence: 99%

See 1 more Smart Citation

Providing User Security Guarantees in Public Infrastructure Clouds

Paladi¹,

Gehrmann²,

Michalas³

2017

IEEE Trans. Cloud Comput.

View full text Add to dashboard Cite

obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.The WestminsterResearch online digital archive at the University of Westminster aims to make the research output of the University available to a wider audience. Copyright and Moral Rights remain with the authors and/or copyright owners.Whilst further distribution of specific materials from within this archive is forbidden, you may freely distribute the URL of WestminsterResearch: ((http://westminsterresearch.wmin.ac.uk/).In case of abuse or copyright appearing without permission e-mail repository@westminster.ac.uk Abstract-The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants -insulated from the minutiae of hardware maintenance -rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.

show abstract

Section: Secure Storagementioning

confidence: 99%

Section: Secure Storagementioning

confidence: 99%

Providing User Security Guarantees in Public Infrastructure Clouds

Paladi¹,

Gehrmann²,

Michalas³

2017

IEEE Trans. Cloud Comput.

View full text Add to dashboard Cite

show abstract

“…Sebastian Graf et al [9] introduced stream-based Key Graphapproaches in the cloud environment. Their proposed architecture does not need re-encryption of any data.…”

Section: Review Of Literaturementioning

confidence: 99%

A Survey on Group Data Sharing over Cloud in Multi-owner Environment using Key Aggregation and Trapdoor

Salunkhe¹,

Chillarge²

2017

IJCA

View full text Add to dashboard Cite

Cloud is being used by different type of users to fulfil their storage needs and sharing requirements. Public cloud storage provides virtually unlimited capacity to its users for sharing encrypted data. The main challenge is to design the encryption scheme which is efficient in management of encryption keys. Numbers of keys are required in the sharing of group data scenario as well as it needs to distribute those keys in secure manner to the user and user has to store them securely again. Also user needs to create equally large number of trapdoors with keywords to access data. This project gives solution on this problem by providing a concrete scheme of key aggregate searchable encryption. In this, data owner needs to distribute a single key for sharing large number of documents and user required to submit a single trapdoor to the cloud for downloading multiple documents over the cloud. It also provides a solution for a situation where user searches for the documents shared by multiple owners and user needs to generate multiple trapdoors. In the proposed system, user needs to generate a single trapdoor for searching the files shared by multiple data owners.

show abstract

“…In [8], authors analysed access rights management of shared versioned encrypted data on cloud infrastructure for a restricted group. in their model they proposed an adoption for enabling scalable and flexible key management within cloud.…”

Section: Related Workmentioning

confidence: 99%

Domain based storage protection with secure access control for the cloud

Paladi

Michalas

Gehrmann

2014

Proceedings of the 2nd International Workshop on Security in Cloud Computing

View full text Add to dashboard Cite

Cloud computing has evolved from a promising concept to one of the fastest growing segments of the IT industry. However, many businesses and individuals continue to view cloud computing as a technology that risks exposing their data to unauthorized users. We introduce a data confidentiality and integrity protection mechanism for Infrastructure-asa-Service (IaaS) clouds, which relies on trusted computing principles to provide transparent storage isolation between IaaS clients. We also address the absence of reliable data sharing mechanisms, by providing an XML-based language framework which enables clients of IaaS clouds to securely share data and clearly define access rights granted to peers. The proposed improvements have been prototyped as a code extension for a popular cloud platform.

show abstract

Versatile Key Management for Secure Cloud Storage

Cited by 8 publications

References 12 publications

Providing User Security Guarantees in Public Infrastructure Clouds

Providing User Security Guarantees in Public Infrastructure Clouds

A Survey on Group Data Sharing over Cloud in Multi-owner Environment using Key Aggregation and Trapdoor

Domain based storage protection with secure access control for the cloud

Contact Info

Product

Resources

About