Venue: IEEE International Conference on Cloud Computing

Secure Multiparty Data Sharing in the Cloud Using Hardware-Based TPM Devices


Abstract

The trend towards Cloud computing infrastructure has increased the need for new methods that allow data owners to share their data with others securely while taking into account the needs of multiple stakeholders. The data owner should be able to share confidential data while delegating much of the burden of access control management to the Cloud and to trusted enterprises. The lack of such methods to enhance privacy and security may hinder the growth of cloud computing. In particular, there is a growing need to better manage the security keys of data shared in the Cloud. BYOD provides a first step towards secure and efficient key management; however, the data owner cannot guarantee that the data consumer's device itself is secure. Furthermore, in current methods the data owner cannot efficiently revoke a particular data consumer or group. In this paper, we address these issues by incorporating a hardware-based Trusted Platform Module (TPM) mechanism called the Trusted Extension Device (TED) together with our security model and protocol, allowing stronger privacy of data compared to software-based security protocols. We demonstrate the concept of using TED for stronger protection and management of cryptographic keys, and how our secure data sharing protocol allows a data owner (e.g., an author) to securely store data via untrusted Cloud services. Our work prevents keys from being stolen by outsiders and/or dishonest authorised consumers, making it particularly attractive for implementation in a real-world scenario.
