Cloud computing provides reliable and highly scalable access to resources over the internet.
But outsourcing sensitive data to an untrusted third party requires cryptographic methods like encryption.
This paper presents a novel approach to a distributed cloud key management scheme.
In a setting with a public cloud, data is encrypted by a trusted adapter before upload.
The encryption key is not persistently stored at the adapter.
Several entities each hold a part of the key; the key itself is computed and temporarily stored at the adapter when needed.
This work describes how the key management works during bootstrapping and runtime, as well as how recovery is performed.
%0 Conference Paper
%1 dowsley2016distributed
%A Dowsley, Rafael
%A Gabel, Matthias
%A Hübsch, Gerald
%A Schiefer, Schiefer
%A Schwichtenberg, Antonia
%B Proceedings of the 2nd International Workshop on Cloud Security and Data Privacy by Design (CloudSPD'16)
%D 2016
%E Gehrmann, Christian
%E Mentzas, Gregoris
%E Michalas, Antonis
%E Müller-Quade, Jörn
%E Verginadis, Yiannis
%K cloud distribution encryption keymanagement privacy security
%T A Distributed Key Management Approach
%X Cloud computing provides reliable and highly scalable access to resources over the internet.
But outsourcing sensitive data to an untrusted third party requires cryptographic methods like encryption.
This paper presents a novel approach to a distributed cloud key management scheme.
In a setting with a public cloud, data is encrypted by a trusted adapter before upload.
The encryption key is not persistently stored at the adapter.
Several entities each hold a part of the key; the key itself is computed and temporarily stored at the adapter when needed.
This work describes how the key management works during bootstrapping and runtime, as well as how recovery is performed.
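% Workshop paper on distributed cloud key management (BibSonomy export).
% The added-at, biburl, interhash, intrahash and timestamp fields are BibSonomy
% bookkeeping; standard bibliography styles ignore them.
@inproceedings{dowsley2016distributed,
  author      = {Dowsley, Rafael and Gabel, Matthias and H{\"u}bsch, Gerald and Schiefer, Schiefer and Schwichtenberg, Antonia},
  review-note = {Author "Schiefer, Schiefer" repeats the surname as the given name; this looks like a data-entry error -- confirm the given name against the published paper},
  title       = {A Distributed Key Management Approach},
  booktitle   = {Proceedings of the 2nd International Workshop on Cloud Security and Data Privacy by Design ({CloudSPD'16})},
  editor      = {Gehrmann, Christian and Mentzas, Gregoris and Michalas, Antonis and M{\"u}ller-Quade, J{\"o}rn and Verginadis, Yiannis},
  year        = {2016},
  month       = dec,
  keywords    = {cloud distribution encryption keymanagement privacy security},
  abstract    = {Cloud computing provides reliable and highly scalable access to resources over the internet.
But outsourcing sensitive data to an untrusted third party requires cryptographic methods like encryption.
This paper presents a novel approach to a distributed cloud key management scheme.
In a setting with a public cloud, data is encrypted by a trusted adapter before upload.
The encryption key is not persistently stored at the adapter.
Several entities each hold a part of the key; the key itself is computed and temporarily stored at the adapter when needed.
This work describes how the key management works during bootstrapping and runtime, as well as how recovery is performed.},
  added-at    = {2016-09-22T09:36:16.000+0200},
  timestamp   = {2016-09-22T09:40:27.000+0200},
  biburl      = {https://www.bibsonomy.org/bibtex/29110c92fbc928aea64eeca58a449763d/paaswordcas},
  interhash   = {1730e642ea457952e054d2c3af6b463d},
  intrahash   = {9110c92fbc928aea64eeca58a449763d},
}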