Visible to the public Secure Multiparty Data Sharing in the Cloud Using Hardware-Based TPM Devices

TitleSecure Multiparty Data Sharing in the Cloud Using Hardware-Based TPM Devices
Publication TypeConference Paper
Year of Publication2014
AuthorsThilakanathan, D., Calvo, R.A., Shiping Chen, Nepal, S., Dongxi Liu, Zic, J.
Conference NameCloud Computing (CLOUD), 2014 IEEE 7th International Conference on
Date PublishedJune
KeywordsAccess Control, access control management, authorisation, authorised consumer, BYOD, cloud computing, cloud computing infrastructure, cloud enterprise, confidential data, cryptographic keys, cryptographic protocols, data consumers, Data models, data owner, data privacy, Data security, data sharing, Encryption, hardware-based TPM devices, hardware-based trusted platform module mechanism, Key Management, privacy, Protocols, secure data sharing protocol, secure multiparty data sharing, security, security key, security model, software-based security protocol, store data, TED, TPM, TPM mechanism, Trusted Computing, trusted enterprise, trusted extension device, untrusted cloud services
Abstract

The trend towards Cloud computing infrastructure has increased the need for new methods that allow data owners to share their data with others securely taking into account the needs of multiple stakeholders. The data owner should be able to share confidential data while delegating much of the burden of access control management to the Cloud and trusted enterprises. The lack of such methods to enhance privacy and security may hinder the growth of cloud computing. In particular, there is a growing need to better manage security keys of data shared in the Cloud. BYOD provides a first step to enabling secure and efficient key management, however, the data owner cannot guarantee that the data consumers device itself is secure. Furthermore, in current methods the data owner cannot revoke a particular data consumer or group efficiently. In this paper, we address these issues by incorporating a hardware-based Trusted Platform Module (TPM) mechanism called the Trusted Extension Device (TED) together with our security model and protocol to allow stronger privacy of data compared to software-based security protocols. We demonstrate the concept of using TED for stronger protection and management of cryptographic keys and how our secure data sharing protocol will allow a data owner (e.g, author) to securely store data via untrusted Cloud services. Our work prevents keys to be stolen by outsiders and/or dishonest authorised consumers, thus making it particularly attractive to be implemented in a real-world scenario.

URLhttp://ieeexplore.ieee.org/document/6973745/
DOI10.1109/CLOUD.2014.39
Citation Key6973745