{"title":"Low-Cost Distributed Key Management","authors":"V. Gopal, Shikha Fadnavis, Joel Coffman","doi":"10.1109/SERVICES.2018.00042","DOIUrl":null,"url":null,"abstract":"Key management is one of the biggest challenges in cryptography. Traditionally, organizations stored cryptographic keys using file-based storage, which is insecure due to the lack of sufficient authentication. To overcome this issue, industry has moved towards using Hardware Security Modules (HSMs) for storing cryptographic keys. However, storing keys on HSMs does not ensure high availability if they fail due to network outages or lack of sufficient resources. Major cloud offerings provide high-availability key management solutions, but their cost may be prohibitively high for small-and mid-sized organizations. In this paper, we propose a system that combines distributed object storage with Trusted Platform Modules (TPMs) to ensure secure storage of keys, high availability of sensitive data, and ease of deployment. We envision this system as an attractive alternative for key management in private and public cloud settings.","PeriodicalId":130225,"journal":{"name":"2018 IEEE World Congress on Services (SERVICES)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE World Congress on Services (SERVICES)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERVICES.2018.00042","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 1
Abstract
Key management is one of the biggest challenges in cryptography. Traditionally, organizations stored cryptographic keys using file-based storage, which is insecure due to the lack of sufficient authentication. To overcome this issue, industry has moved towards using Hardware Security Modules (HSMs) for storing cryptographic keys. However, storing keys on HSMs does not ensure high availability if they fail due to network outages or lack of sufficient resources. Major cloud offerings provide high-availability key management solutions, but their cost may be prohibitively high for small- and mid-sized organizations. In this paper, we propose a system that combines distributed object storage with Trusted Platform Modules (TPMs) to ensure secure storage of keys, high availability of sensitive data, and ease of deployment. We envision this system as an attractive alternative for key management in private and public cloud settings.