http://dx.doi.org/10.14372/IEMEK.2013.8.6.303

A Method for Data Access Control and Key Management in Mobile Cloud Storage Services  

Shin, Jaebok (POSTEC)
Kim, Yungu (POSTEC)
Park, Wooram (POSTEC)
Park, Chanik (POSTEC)
Abstract
Cloud storage services are used to share and synchronize users' data efficiently across multiple mobile devices. Although cloud storage provides flexibility and scalability for storing data, its security issues must be addressed. Typical cloud storage services currently offer data encryption for security, but we think this is not secure enough: encryption keys are managed in software and users are identified only by a simple ID and password, and these are the main weaknesses of current cloud storage services. We propose a secure method for accessing data in cloud storage from a mobile environment. Our framework supports hardware-based key management, attestation of the client software's integrity, and secure key sharing across multiple devices. We implemented our prototype using ARM TrustZone and a TPM Emulator running in the secure world of the TrustZone environment.
Keywords
Mobile Security; ARM TrustZone; TPM; Cloud Storage