{"title":"A Secure Secondary Backup Storage with an Isolated Authentication","authors":"Kwangjin Bae, I. You, Kangbin Yim, Taeho Son","doi":"10.1109/IMIS.2012.195","DOIUrl":null,"url":null,"abstract":"The primary backup disks store sensitive data such as privacy information and enterprise secrets. However, they are not encrypted usually because they are shared among multiple users in real time. Nevertheless, there is no concept of additional backing up the disks except the RAID support. This paper introduces a secure secondary backup system for the primary backup disks. The proposed system encrypts the scheduled files and backups them into the secondary backup disks. The encryption process uses the encryption key provided from hardware security modules that were directly plugged into the disks during the synchronization step in which the HSMs authenticate the disk owners and then unplugged. This architecture mechanically separates the HSM from the host, makes it immune to the reverse attack at the host side and keeps the disks safe from the insider's attack combined with a physical theft.","PeriodicalId":290976,"journal":{"name":"2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IMIS.2012.195","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
The primary backup disks store sensitive data such as privacy information and enterprise secrets. However, they are not encrypted usually because they are shared among multiple users in real time. Nevertheless, there is no concept of additional backing up the disks except the RAID support. This paper introduces a secure secondary backup system for the primary backup disks. The proposed system encrypts the scheduled files and backups them into the secondary backup disks. The encryption process uses the encryption key provided from hardware security modules that were directly plugged into the disks during the synchronization step in which the HSMs authenticate the disk owners and then unplugged. This architecture mechanically separates the HSM from the host, makes it immune to the reverse attack at the host side and keeps the disks safe from the insider's attack combined with a physical theft.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
