Abstract
We propose an approach to providing a cryptographic key management system (CKMS) as a trusted security service in cloud computing, rooted in the Trusted Platform Module (TPM) or its virtualized form (vTPM). The approach uses the TPM's capabilities as a secure foundation and root of trust for this class of service. As an application case, the CKMS uses the TPM's key generation component as a trusted way to generate, and to sign (certify), the encryption and signing keys it issues to its customers.
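The flow the abstract describes, a root of trust generating a customer's key and signing a statement that binds the key to that customer and its intended usage, is shown below as an added software model. It is not code from the paper: the RootOfTrust type stands in for the TPM (a real deployment would use the TPM's key creation and key certification commands, TPM_CreateWrapKey/TPM_CertifyKey on TPM 1.2 or TPM2_Create/TPM2_Certify on TPM 2.0, with a non-migratable attestation key), Ed25519 stands in for the TPM's key types, the KeyUsage tag stands in for the object attributes a TPM template would fix, and the tenant identifiers are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// KeyUsage labels what a customer key is for. In a real TPM this is fixed by
// the object attributes of the key template; here it is a tag carried in the
// attestation so the binding can be checked by the customer.
type KeyUsage uint8

const (
	UsageEncrypt KeyUsage = 1
	UsageSign    KeyUsage = 2
)

// Attestation is the statement the root of trust signs over a freshly
// generated customer key. Every field except Signature is covered by it.
type Attestation struct {
	CustomerID string
	Usage      KeyUsage
	PublicKey  ed25519.PublicKey
	Signature  []byte
}

// Digest canonically encodes the attested fields with length prefixes, so a
// field boundary cannot be shifted without changing the hash.
func (a *Attestation) Digest() []byte {
	var lenBuf [4]byte
	msg := make([]byte, 0, 16+len(a.CustomerID)+len(a.PublicKey))
	binary.BigEndian.PutUint32(lenBuf[:], uint32(len(a.CustomerID)))
	msg = append(msg, lenBuf[:]...)
	msg = append(msg, a.CustomerID...)
	msg = append(msg, byte(a.Usage))
	binary.BigEndian.PutUint32(lenBuf[:], uint32(len(a.PublicKey)))
	msg = append(msg, lenBuf[:]...)
	msg = append(msg, a.PublicKey...)
	sum := sha256.Sum256(msg)
	return sum[:]
}

// RootOfTrust stands in for the TPM's key generation component (assumption:
// software model). The attestation private key is unexported and never
// returned by any method, modelling a non-migratable key held inside the TPM.
type RootOfTrust struct {
	attestPub  ed25519.PublicKey
	attestPriv ed25519.PrivateKey
}

// NewRootOfTrust provisions the attestation key pair.
func NewRootOfTrust() (*RootOfTrust, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &RootOfTrust{attestPub: pub, attestPriv: priv}, nil
}

// AttestationKey is the only part of the root key ever exported; the CKMS
// publishes it so customers can verify attestations.
func (r *RootOfTrust) AttestationKey() ed25519.PublicKey { return r.attestPub }

// GenerateCustomerKey generates a key pair inside the root of trust and returns
// the private half to the CKMS together with an attestation binding the public
// half to the customer and the intended usage.
func (r *RootOfTrust) GenerateCustomerKey(customerID string, usage KeyUsage) (ed25519.PrivateKey, *Attestation, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	att := &Attestation{CustomerID: customerID, Usage: usage, PublicKey: pub}
	att.Signature = ed25519.Sign(r.attestPriv, att.Digest())
	return priv, att, nil
}

// VerifyAttestation is the customer-side check: the key must be certified by
// the published root key for this customer and this usage. Bindings are
// checked before the signature so a mismatch is reported explicitly.
func VerifyAttestation(rootPub ed25519.PublicKey, att *Attestation, wantCustomer string, wantUsage KeyUsage) error {
	if att.CustomerID != wantCustomer {
		return errors.New("attestation names a different customer")
	}
	if att.Usage != wantUsage {
		return errors.New("attestation is for a different key usage")
	}
	// ed25519.Verify panics on a wrong-sized public key, so size-check first.
	if len(att.PublicKey) != ed25519.PublicKeySize || len(rootPub) != ed25519.PublicKeySize {
		return errors.New("malformed public key")
	}
	if !ed25519.Verify(rootPub, att.Digest(), att.Signature) {
		return errors.New("attestation signature does not verify under the root of trust")
	}
	return nil
}

func main() {
	root, err := NewRootOfTrust()
	if err != nil {
		panic(err)
	}
	// "tenant-42" is a constructed customer identifier.
	_, att, err := root.GenerateCustomerKey("tenant-42", UsageSign)
	if err != nil {
		panic(err)
	}
	fmt.Println("attestation verifies:", VerifyAttestation(root.AttestationKey(), att, "tenant-42", UsageSign) == nil)
	// A CKMS operator re-labelling the key for another tenant is caught.
	rebound := *att
	rebound.CustomerID = "tenant-99"
	fmt.Println("rebound attestation verifies:", VerifyAttestation(root.AttestationKey(), &rebound, "tenant-99", UsageSign) == nil)
}
```

The point the model makes is the one the abstract relies on: the CKMS holds and distributes keys, but the statement that a key was generated by the root of trust for a given customer and usage is checkable by anyone holding the root's public key, and nothing outside the root can produce that statement.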
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Fehis, S., Nouali, O., Kechadi, MT. (2018). A Trusted Way for Encryption Key Management in Cloud Computing. In: Ezziyyani, M., Bahaj, M., Khoukhi, F. (eds) Advanced Information Technology, Services and Systems. AIT2S 2017. Lecture Notes in Networks and Systems, vol 25. Springer, Cham. https://doi.org/10.1007/978-3-319-69137-4_27
DOI: https://doi.org/10.1007/978-3-319-69137-4_27
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69136-7
Online ISBN: 978-3-319-69137-4
eBook Packages: Engineering; Engineering (R0)