Secure Hardware-Based Public Cloud Storage

Bernd Zwattendorfer, Bojan Suzic, Peter Teufl, Andreas Derler

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution > Research > peer-review

Abstract

The storage of data on remote systems such as the public cloud opens new challenges in the field of data protection and security of the stored files. One possible solution for meeting these challenges is the encryption of the data at the local device, e.g. desktop, tablet, or smartphone, prior to the data transfer to the remote cloud-based storage. However, this approach bears additional challenges itself, such as secure encryption key management or secure and effective sharing of data in user groups. Including an additional encryption layer and security checks may additionally affect the system’s usability, as higher security requirements and a group sharing workflow increase general overhead through the complete organization of processes. To overcome such issues, we propose a solution which is based on highly secure and attack-resistant hardware-based encryption applied through the use of the Austrian citizen card public key infrastructure. As the citizen card infrastructure is already deployed and available to a wide population, the service overhead and additional requirements of our proposed solution are lower in comparison to other approaches, while at the same time synergistic and networking effects of the deployed infrastructure facilitate its usage and further potentials.

Original language: English
Title of host publication: Open Identity Summit 2013
Publisher: Springer
Pages: 43-54
Publication status: Published - 2013
Event: Open Identity Summit 2013 - Kloster Banz, Germany
Duration: 10 Sep 2013 - 11 Sep 2013

Conference

Conference: Open Identity Summit 2013
Country: Germany
City: Kloster Banz
Period: 10/09/13 - 11/09/13

Fingerprint

Cryptography
Hardware
Data privacy
Smartphones
Security of data
Data transfer
Computer hardware

Keywords

  • cloud
  • public cloud
  • smart card
  • eid
  • cloud eid

Fields of Expertise

  • Information, Communication & Computing

Treatment code (closer classification)

  • Application

Cite this

Zwattendorfer, B., Suzic, B., Teufl, P., & Derler, A. (2013). Secure Hardware-Based Public Cloud Storage. In Open Identity Summit 2013 (pp. 43-54). Springer.

Secure Hardware-Based Public Cloud Storage. / Zwattendorfer, Bernd; Suzic, Bojan; Teufl, Peter; Derler, Andreas.

Open Identity Summit 2013. Springer, 2013. p. 43-54.

Zwattendorfer, B, Suzic, B, Teufl, P & Derler, A 2013, Secure Hardware-Based Public Cloud Storage. in Open Identity Summit 2013. Springer, pp. 43-54, Open Identity Summit 2013, Kloster Banz, Germany, 10/09/13.
Zwattendorfer B, Suzic B, Teufl P, Derler A. Secure Hardware-Based Public Cloud Storage. In Open Identity Summit 2013. Springer. 2013. p. 43-54
Zwattendorfer, Bernd ; Suzic, Bojan ; Teufl, Peter ; Derler, Andreas. / Secure Hardware-Based Public Cloud Storage. Open Identity Summit 2013. Springer, 2013. pp. 43-54
@inproceedings{2d8ed361767f430ea090de7a5c92d354,
title = "Secure Hardware-Based Public Cloud Storage",
abstract = "The storage of data on remote systems such as the public cloud opens new challenges in the field of data protection and security of the stored files. One possible solution for meeting these challenges is the encryption of the data at the local device, e.g. desktop, tablet, or smartphone, prior to the data transfer to the remote cloud-based storage. However, this approach bears additional challenges itself, such as secure encryption key management or secure and effective sharing of data in user groups. Including an additional encryption layer and security checks may additionally affect the system’s usability, as higher security requirements and a group sharing workflow increase general overhead through the complete organization of processes. To overcome such issues, we propose a solution which is based on highly secure and attack-resistant hardware-based encryption applied through the use of the Austrian citizen card public key infrastructure. As the citizen card infrastructure is already deployed and available to a wide population, the service overhead and additional requirements of our proposed solution are lower in comparison to other approaches, while at the same time synergistic and networking effects of the deployed infrastructure facilitate its usage and further potentials.",
keywords = "cloud, public cloud, smart card, eid, cloud eid",
author = "Bernd Zwattendorfer and Bojan Suzic and Peter Teufl and Andreas Derler",
year = "2013",
language = "English",
pages = "43--54",
booktitle = "Open Identity Summit 2013",
publisher = "Springer",

}

TY - GEN

T1 - Secure Hardware-Based Public Cloud Storage

AU - Zwattendorfer, Bernd

AU - Suzic, Bojan

AU - Teufl, Peter

AU - Derler, Andreas

PY - 2013

Y1 - 2013

AB - The storage of data on remote systems such as the public cloud opens new challenges in the field of data protection and security of the stored files. One possible solution for meeting these challenges is the encryption of the data at the local device, e.g. desktop, tablet, or smartphone, prior to the data transfer to the remote cloud-based storage. However, this approach bears additional challenges itself, such as secure encryption key management or secure and effective sharing of data in user groups. Including an additional encryption layer and security checks may additionally affect the system’s usability, as higher security requirements and a group sharing workflow increase general overhead through the complete organization of processes. To overcome such issues, we propose a solution which is based on highly secure and attack-resistant hardware-based encryption applied through the use of the Austrian citizen card public key infrastructure. As the citizen card infrastructure is already deployed and available to a wide population, the service overhead and additional requirements of our proposed solution are lower in comparison to other approaches, while at the same time synergistic and networking effects of the deployed infrastructure facilitate its usage and further potentials.

KW - cloud

KW - public cloud

KW - smart card

KW - eid

KW - cloud eid

M3 - Conference contribution

SP - 43

EP - 54

BT - Open Identity Summit 2013

PB - Springer

ER -