A Method for Data Access Control and Key Management in Mobile Cloud Storage Services

A Data Access Control and Security Key Management Technique for Data Security in Mobile Cloud Storage Services

  • Received : 2013.02.15
  • Accepted : 2013.09.05
  • Published : 2013.12.31

Abstract

Cloud storage services are used to share or synchronize users' data efficiently across multiple mobile devices. Although cloud storage provides flexibility and scalability for storing data, its security issues must be addressed. Typical cloud storage services currently offer data encryption for security, but we think this approach is not secure enough: the main weaknesses of current cloud storage services are that encryption keys are managed in software and that users are identified by a simple ID and password. We propose a secure method for accessing data in cloud storage in a mobile environment. Our framework supports hardware-based key management, attestation of client software integrity, and secure key sharing across multiple devices. We implemented our prototype using ARM TrustZone and a TPM Emulator running in the secure world of the TrustZone environment.
