8th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing

Research Article

Portable Key Management Service for Cloud Storage

Download70 downloads
  • @INPROCEEDINGS{10.4108/icst.collaboratecom.2012.250488,
        author={Surya Nepal and Julian Jang-jaccard},
        title={Portable Key Management Service for Cloud Storage},
        proceedings={8th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing},
        publisher={IEEE},
        proceedings_a={COLLABORATECOM},
        year={2012},
        month={12},
        keywords={cloud computing key management portability storage service trusted computing},
        doi={10.4108/icst.collaboratecom.2012.250488}
    }
    
  • Surya Nepal
    Julian Jang-jaccard
    Year: 2012
    Portable Key Management Service for Cloud Storage
    COLLABORATECOM
    ICST
    DOI: 10.4108/icst.collaboratecom.2012.250488
Surya Nepal, Julian Jang-jaccard1,*
  • 1: CSIRO
*Contact email: julian.jang-jaccard@csiro.au

Abstract

Cloud storage services provide highly scalable, available and pay-as-you-go storage space for individual and enterprise users. Cloud storage services are inherently insecure as the management of the data in the cloud storage is controlled by third parties beyond the reach of the data owner. To address this problem, a number of data obfuscation techniques have been proposed to conceal data before sending it to the cloud. The secrets keys used for obfuscation are stored in a secure location while obfuscated data is stored in the cloud. In these approaches, the data is as secure as its corresponding keys. However, this still brings a challenging issue where a user needs to manage a large number of (secret) keys in such a way that they are protected against all types of adversaries, and should be as highly available as cloud storage services. To address this issue, we propose a portable key management service that is highly secure and available. In our solution, all keys are stored in a tamper-proof hardware within a portable USB device that users can carry with them all the time in order to provide high security and availability. We describe the system model, the details of the key management service and a prototype implementation.