A Way of Key Management in Cloud Storage Based on Trusted Computing
  • Authors: Xin Yang (1, 2, 3) yangxin@pku.edu.cn
    Qingni Shen (1, 2, 3) qingnishen@ss.pku.edu.cn
    Yahui Yang (1) yhyang@ss.pku.edu.cn
    Sihan Qing (1, 4) qsihan@ss.pku.edu.cn
  • Keywords: cipher text; key management; symmetric keys; asymmetric keys; backup; public cloud
  • Journal title: Lecture Notes in Computer Science
  • Publication year: 2011
  • Volume: 6985
  • Issue: 1
  • Pages: 135-145
  • Full-text size: 240.5 KB
  • Author affiliations:
    1. School of Software and Microelectronics, Peking University, Beijing, China
    2. MoE Key Lab of Network and Software Assurance, Peking University, Beijing, China
    3. Network & Information Security Lab., Institute of Software, Peking University, Beijing, China
    4. Institute of Software, Chinese Academy of Sciences, Beijing, 100086 China
  • Publication category: Computer Science
  • Publication subjects: Artificial Intelligence and Robotics
    Computer Communication Networks
    Software Engineering
    Data Encryption
    Database Management
    Computation by Abstract Devices
    Algorithm Analysis and Problem Complexity
  • Publisher: Springer Berlin / Heidelberg
  • ISSN:1611-3349
Abstract
Cloud security has gained increasing emphasis in the research community, with much focus primarily concentrated on how to secure the operating system and virtual machine on which the cloud system runs. We take an alternative perspective and consider the problem of building a secure cloud storage service on top of a public cloud infrastructure where the service provider is not completely trusted by the customer. It is therefore necessary to put cipher text into the public cloud. We describe an architecture based on the Trusted Platform Module and the client of the cloud storage system to help manage the symmetric keys used for encrypting data in the public cloud and the asymmetric keys used for encrypting the symmetric keys. The key management mechanism covers how to store keys, how to back up keys, and how to share keys. Based on HDFS (Hadoop Distributed File System), we put this way of key management into practice, and survey the benefits that such an infrastructure will provide to cloud users and providers, as well as the time cost it introduces.
