A way of key management in cloud storage based on trusted computing

  • Authors:

  • Xin Yang;Qingni Shen;Yahui Yang;Sihan Qing

  • Affiliations:

  • School of Software and Microelectronics, Peking University, Beijing, China and MoE Key Lab of Network and Software Assurance, Peking University, Beijing, China and Network & Information Se ...;School of Software and Microelectronics, Peking University, Beijing, China and MoE Key Lab of Network and Software Assurance, Peking University, Beijing, China and Network & Information Se ...;School of Software and Microelectronics, Peking University, Beijing, China;School of Software and Microelectronics, Peking University, Beijing, China and Institute of Software, Chinese Academy of Sciences, Beijing, China

  • Venue:
  • NPC'11 Proceedings of the 8th IFIP international conference on Network and parallel computing
  • Year:
  • 2011

Quantified Score

Hi-index 0.00

Visualization

Abstract

Cloud security has gained increasingly emphasis in the research community, with much focus primary concentrated on how to secure the operation system and virtual machine on which cloud system runs on. We take an alternative perspective to consider the problem of building a secure cloud storage service on top of a public cloud infrastructure where the service provider is not completely trusted by the customer. So, it is necessary to put cipher text into the public cloud. We describe an architecture based on Trusted Platform Module and the client of cloud storage system to help manage the symmetric keys used for encrypting data in the public cloud and the asymmetric keys used for encrypting symmetric keys. The key management mechanism includes how to store keys, how to backup keys, and how to share keys. Based on the HDFS (Hadoop Distributed File System), we put a way of key management into practice, and survey the benefits that such an infrastructure will provide to cloud users and providers, and we also survey the time cost it will bring to us.