DOI QR코드

DOI QR Code

Key Management Server Design for Providing Cryptographic Service in Cloud Computing Environment (Services in a Cloud Environment)

  • Jung, Ki Hyun ;
  • Shin, Seung Jung
  • Received : 2016.09.25
  • Accepted : 2016.10.25
  • Published : 2016.12.31

Abstract

In a cloud computing environment, a cryptographic service allows an information owner to encrypt the information and send it to a cloud server as well as to receive and decode encrypted data from the server which guarantees the confidentiality of shared information. However, if an attacker gains a coded data and has access to an encryption key via cloud server, then the server will be unable to prevent data leaks by a cloud service provider. In this paper, we proposed a key management server which does not allow an attacker to access to a coded key of the owners and prevents data leaks by a cloud service provider. A key management server provides a service where a server receives a coded public key of an information user from an owner and delivers a coded key to a user. Using a key management server proposed in this paper, we validated that the server can secure the confidentiality of an encryption key of data owners and efficiently distribute keys to data users.

Keywords

Cloud;Cryptographic service;Access control;Key management;Public key encryption

References

  1. P. Mah, ""Fees? Advanced functions?" A cloud storage selection guide for you", 2016, http://www.itworld.co.kr/t/34/cloud /102173 (Accessed November 25)
  2. S.J. Purewal, "Four types of cloud storage for small and medium enterprises that meets the dropbox's unsatisfactory condition", 2013, http://www.itworld.co.kr/news/83366 (Accessed November 25)
  3. N.S. Jho and D.W. Hong, "Technical Trend of the Searchable Encryption System", Electronics and Telecommunications Trends. Vol. 23, No. 4, 2008
  4. K.M. Kim, K.S. Sohn and S.Y. Nam, "Key Generation and Management Scheme for Partial Encryption Based on Hash Tree Chain", The Korea Society for Simulation. Vol. 25, No. 3, 2016, http://dx.doi.org/10.9709/JKSS.2016.25.3.077 https://doi.org/10.9709/JKSS.2016.25.3.077
  5. I. Paul, "Privacy tips that Google and Facebook users should be sure to know", 2013, http://www.ciokorea.com/news/18817?page=0,1 (Accessed November 25)
  6. P. Mah, "'Hackers and terrorists target is data' What is corporate defense?", 2013, http://www.ciokorea.com/news/17764?page=0,0 (Accessed November 25)
  7. H. Selden, "Tresorit Encrypted Cloud Storage: What You Need to Know", 2016, http://www.tomsitpro.com/articles/tresorit-review,1-3333.html (Accessed November 25)
  8. S.J. Purewal, "'Specialized in safety' Three kinds of cloud services suitable for the storage of sensitive data", 2014, http://www.ciokorea.com/news/20189?page=0,1 (Accessed November 25)
  9. P. Mah, "Three misconceptions of the cloud in small enterprises", 2016, http://www.itworld.co.kr/news/97712?page=0,1 (Accessed November 25)
  10. B. Butler, ""Even secure cloud storage is unsafe"...Johns Hopkins University researcher", 2014, http://www.itworld.co.kr/news/87172 (Accessed November 25)