Abstract
Cloud security has gained increasing emphasis in the research community, with much of the focus concentrated on how to secure the operating system and virtual machines on which cloud systems run. We take an alternative perspective and consider the problem of building a secure cloud storage service on top of a public cloud infrastructure where the service provider is not completely trusted by the customer. It is therefore necessary to put ciphertext into the public cloud. We describe an architecture based on the Trusted Platform Module and the client of the cloud storage system to help manage the symmetric keys used for encrypting data in the public cloud and the asymmetric keys used for encrypting the symmetric keys. The key management mechanism covers how to store keys, how to back up keys, and how to share keys. Based on HDFS (Hadoop Distributed File System), we put this way of key management into practice, and survey the benefits that such an infrastructure will provide to cloud users and providers, as well as the time cost it introduces.
© 2011 IFIP International Federation for Information Processing
Cite this paper
Yang, X., Shen, Q., Yang, Y., Qing, S. (2011). A Way of Key Management in Cloud Storage Based on Trusted Computing. In: Altman, E., Shi, W. (eds) Network and Parallel Computing. NPC 2011. Lecture Notes in Computer Science, vol 6985. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24403-2_11
DOI: https://doi.org/10.1007/978-3-642-24403-2_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24402-5
Online ISBN: 978-3-642-24403-2
eBook Packages: Computer Science, Computer Science (R0)