KTH-SEECS Applied Information Security Lab

National University of Sciences and Technology (NUST)

Symmetric Cryptographic Key Management in Cloud Based Environment

Domain: Cloud Security

Status: Completed
Contact Person(s): Faiza Fakhar, Awais Shibli

Date of Completion: August 2013

Despite all the benefits delivered by Cloud computing, several security challenges, such as data security, are hampering the migration of customer applications to the Cloud. These challenges stem from the fact that consumers of public Cloud services do not know the exact location where their data resides on the servers. This makes data security more challenging to achieve in the Cloud. In this regard, cryptography is one of the mechanisms that can provide security for Cloud data through effective use and management of cryptographic keys. However, the use of cryptographic keys in Cloud applications has prompted a large fraction of security vulnerabilities. When cryptographic keys are stored at enterprise premises, searching encrypted data in a large data set is problematic, since the cryptographic keys are not available on the Cloud.

This research provides an effective and robust security protocol for symmetric cryptographic key management in the Cloud and provides a mechanism for secure storage of sensitive data on the Cloud. The proposed protocol is based on secret splitting of the cryptographic key into several components and distributes these components across various Cloud servers.

The protocol ensures key protection even if one of the Cloud servers is compromised. Furthermore, key access security is ensured through on-the-fly computation of the cryptographic key. Data transfer between Cloud servers is done through PKCS#7, and data transfer from the end user's browser to the application server is done through SSL. The proposed protocol can be used to provide symmetric cryptographic keys as a Cloud service, and users may embed this service in other utilities such as mobile/PDA digital signature utilities.
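The page does not name the splitting scheme the protocol uses. The sketch below is an added example, not the project's code: it assumes a simple XOR n-of-n split to show why a single stored component reveals nothing about the key and how the key can be recomputed on the fly. All function names are hypothetical.

```python
import secrets
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("components must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, n: int) -> list[bytes]:
    """Split `key` into n components, one per server; all n are required."""
    if n < 2:
        raise ValueError("need at least two components")
    # n-1 components are uniformly random; the last one ties them to the key.
    parts = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    parts.append(reduce(xor_bytes, parts, key))
    return parts


def rebuild_key(components: list[bytes]) -> bytes:
    """Recompute the key on the fly; the result should stay in memory only."""
    return reduce(xor_bytes, components)


def missing_component_for(candidate: bytes, known: list[bytes]) -> bytes:
    """Return the missing component that would make `known` rebuild `candidate`.

    One exists for every candidate key, so an attacker holding fewer than
    all components cannot rule out any key value.
    """
    return reduce(xor_bytes, known, candidate)


if __name__ == "__main__":
    key = secrets.token_bytes(32)      # constructed sample 256-bit key
    parts = split_key(key, 3)          # assumed: three Cloud servers
    assert rebuild_key(parts) == key   # all components present
    stolen = parts[:2]                 # two of the three servers compromised
    decoy = bytes(32)                  # arbitrary wrong key guess
    forged = missing_component_for(decoy, stolen)
    # The stolen components are just as consistent with the decoy key.
    assert rebuild_key(stolen + [forged]) == decoy
    print("key rebuilt from 3 components; 2 components fit any candidate key")
```

An n-of-n split trades availability for confidentiality: losing any one component loses the key, so a deployment would need redundancy for each component or a threshold scheme.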

 


Project Documents:

  1. Abstract (PDF)
  2. Presentation (PDF)
  3. Publication

      ►  "Management of Symmetric Cryptographic Keys in Cloud Based Environment" (Link)