Cryptographic Service Providers in Current Device Landscapes: An Inconvenient Truth

Florian Reimair, Johannes Feichtner, Dominik Ziegler, Sandra Kreuzhuber, Thomas Zefferer

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

Current application and device landscapes became a harsh environment for data security. Multi-device users
enjoy the convenience and efficiency of modern distributed applications in a highly heterogeneous device
landscape. However, today’s data protection mechanisms fell behind in taking care of some current use cases
and application scenarios. We perform a case study and an in-depth security analysis and risk assessment
on a simplified set of three different cryptographic service provider types; software, hardware, and remote.
Our case study shows that different provider types can change application characteristics considerably. Our
security analysis and risk assessment shows how different provider types can influence the security properties
of a set of use cases. We found that no one provider can excel for every cryptographic task. Based on these
findings we formulate a list of features which we believe are crucial to get the data protection mechanisms
up to speed again so that everyone can again benefit from data security even in a world of highly distributed
applications and data.
Original languageEnglish
Title of host publicationProceedings of the 14th International Joint Conference on e-Business and Telecommunications
Place of PublicationPortugal
PublisherSciTePress
Pages367-374
Number of pages8
Volume4
ISBN (Print)978-989-758-259-2
DOIs
Publication statusPublished - Jul 2017

Fingerprint

Data privacy
Security of data
Risk assessment
Hardware

Keywords

  • Applied Cryptography
  • Cryptographic Service Providers
  • Cloud

ASJC Scopus subject areas

  • Computer Science(all)

Fields of Expertise

  • Information, Communication & Computing

Treatment code (Nähere Zuordnung)

  • Experimental

Cite this

Reimair, F., Feichtner, J., Ziegler, D., Kreuzhuber, S., & Zefferer, T. (2017). Cryptographic Service Providers in Current Device Landscapes: An Inconvenient Truth. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (Vol. 4, pp. 367-374). Portugal: SciTePress. https://doi.org/10.5220/0006466603670374

Cryptographic Service Providers in Current Device Landscapes: An Inconvenient Truth. / Reimair, Florian; Feichtner, Johannes; Ziegler, Dominik; Kreuzhuber, Sandra; Zefferer, Thomas.

Proceedings of the 14th International Joint Conference on e-Business and Telecommunications. Vol. 4 Portugal : SciTePress, 2017. p. 367-374.

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Reimair, F, Feichtner, J, Ziegler, D, Kreuzhuber, S & Zefferer, T 2017, Cryptographic Service Providers in Current Device Landscapes: An Inconvenient Truth. in Proceedings of the 14th International Joint Conference on e-Business and Telecommunications. vol. 4, SciTePress, Portugal, pp. 367-374. https://doi.org/10.5220/0006466603670374
Reimair F, Feichtner J, Ziegler D, Kreuzhuber S, Zefferer T. Cryptographic Service Providers in Current Device Landscapes: An Inconvenient Truth. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications. Vol. 4. Portugal: SciTePress. 2017. p. 367-374 https://doi.org/10.5220/0006466603670374
Reimair, Florian ; Feichtner, Johannes ; Ziegler, Dominik ; Kreuzhuber, Sandra ; Zefferer, Thomas. / Cryptographic Service Providers in Current Device Landscapes: An Inconvenient Truth. Proceedings of the 14th International Joint Conference on e-Business and Telecommunications. Vol. 4 Portugal : SciTePress, 2017. pp. 367-374
@inproceedings{ff90cd779ba54475979becfe1b082ae2,
title = "Cryptographic Service Providers in Current Device Landscapes: An Inconvenient Truth",
abstract = "Current application and device landscapes became a harsh environment for data security. Multi-device usersenjoy the convenience and efficiency of modern distributed applications in a highly heterogeneous devicelandscape. However, today’s data protection mechanisms fell behind in taking care of some current use casesand application scenarios. We perform a case study and an in-depth security analysis and risk assessmenton a simplified set of three different cryptographic service provider types; software, hardware, and remote.Our case study shows that different provider types can change application characteristics considerably. Oursecurity analysis and risk assessment shows how different provider types can influence the security propertiesof a set of use cases. We found that no one provider can excel for every cryptographic task. Based on thesefindings we formulate a list of features which we believe are crucial to get the data protection mechanismsup to speed again so that everyone can again benefit from data security even in a world of highly distributedapplications and data.",
keywords = "Applied Cryptography, Cryptographic Service Providers, Cloud",
author = "Florian Reimair and Johannes Feichtner and Dominik Ziegler and Sandra Kreuzhuber and Thomas Zefferer",
year = "2017",
month = "7",
doi = "10.5220/0006466603670374",
language = "English",
isbn = "978-989-758-259-2",
volume = "4",
pages = "367--374",
booktitle = "Proceedings of the 14th International Joint Conference on e-Business and Telecommunications",
publisher = "SciTePress",
address = "Portugal",

}

TY - GEN

T1 - Cryptographic Service Providers in Current Device Landscapes: An Inconvenient Truth

AU - Reimair, Florian

AU - Feichtner, Johannes

AU - Ziegler, Dominik

AU - Kreuzhuber, Sandra

AU - Zefferer, Thomas

PY - 2017/7

Y1 - 2017/7

N2 - Current application and device landscapes became a harsh environment for data security. Multi-device usersenjoy the convenience and efficiency of modern distributed applications in a highly heterogeneous devicelandscape. However, today’s data protection mechanisms fell behind in taking care of some current use casesand application scenarios. We perform a case study and an in-depth security analysis and risk assessmenton a simplified set of three different cryptographic service provider types; software, hardware, and remote.Our case study shows that different provider types can change application characteristics considerably. Oursecurity analysis and risk assessment shows how different provider types can influence the security propertiesof a set of use cases. We found that no one provider can excel for every cryptographic task. Based on thesefindings we formulate a list of features which we believe are crucial to get the data protection mechanismsup to speed again so that everyone can again benefit from data security even in a world of highly distributedapplications and data.

AB - Current application and device landscapes became a harsh environment for data security. Multi-device usersenjoy the convenience and efficiency of modern distributed applications in a highly heterogeneous devicelandscape. However, today’s data protection mechanisms fell behind in taking care of some current use casesand application scenarios. We perform a case study and an in-depth security analysis and risk assessmenton a simplified set of three different cryptographic service provider types; software, hardware, and remote.Our case study shows that different provider types can change application characteristics considerably. Oursecurity analysis and risk assessment shows how different provider types can influence the security propertiesof a set of use cases. We found that no one provider can excel for every cryptographic task. Based on thesefindings we formulate a list of features which we believe are crucial to get the data protection mechanismsup to speed again so that everyone can again benefit from data security even in a world of highly distributedapplications and data.

KW - Applied Cryptography

KW - Cryptographic Service Providers

KW - Cloud

U2 - 10.5220/0006466603670374

DO - 10.5220/0006466603670374

M3 - Conference contribution

SN - 978-989-758-259-2

VL - 4

SP - 367

EP - 374

BT - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications

PB - SciTePress

CY - Portugal

ER -