Abstract
We propose an approach for providing a cryptographic key management system (CKMS) as a trusted security service in cloud computing, based on the trusted platform module (TPM/vTPM). The approach uses the TPM's capabilities and functions as a secure mechanism and a root of trust for this kind of service. As an application case, we use the TPM's key generation component as a trusted way for the CKMS to generate and sign encryption and signing keys for its customers.
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Fehis, S., Nouali, O., Kechadi, MT. (2018). A Trusted Way for Encryption Key Management in Cloud Computing. In: Ezziyyani, M., Bahaj, M., Khoukhi, F. (eds) Advanced Information Technology, Services and Systems. AIT2S 2017. Lecture Notes in Networks and Systems, vol 25. Springer, Cham. https://doi.org/10.1007/978-3-319-69137-4_27
DOI: https://doi.org/10.1007/978-3-319-69137-4_27
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69136-7
Online ISBN: 978-3-319-69137-4
eBook Packages: Engineering, Engineering (R0)