Key Management Systems at the Cloud Scale

Cited by: 1
Authors
Campagna, Matthew [1]
Gueron, Shay [1, 2]
Affiliations
[1] Amazon Web Serv Inc, Seattle, WA 98101 USA
[2] Univ Haifa, Dept Math, IL-3498838 Haifa, Israel
Keywords
AES-GCM; cloud computing; key management; SECURITY;
DOI
10.3390/cryptography3030023
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
This paper describes a cloud-scale encryption system. It discusses the constraints that shaped the design of Amazon Web Services' Key Management Service, and in particular, the challenges that arise from using a standard mode of operation such as AES-GCM while safely supporting huge amounts of encrypted data that is (simultaneously) generated and consumed by a huge number of users employing different keys. We describe a new derived-key mode that is designed for this multi-user-multi-key scenario typical at the cloud scale. Analyzing the resulting security bounds of this model illustrates its applicability for our setting. This mode is already deployed as the default mode of operation for the AWS key management service.
Pages: 1 / 16
Number of pages: 16
Related papers
50 in total
  • [31] Network Management and Monitoring for Cloud Systems
    Suciu, George
    Halunga, Simona
    Ochian, Adelina
    Suciu, Victor
    PROCEEDINGS OF THE 2014 6TH INTERNATIONAL CONFERENCE ON ELECTRONICS, COMPUTERS AND ARTIFICIAL INTELLIGENCE (ECAI), 2014,
  • [32] A Management Architecture of Cloud Server Systems
    Nie, Hua
    Li, Gongbo
    Liu, Xingkui
    Yang, Xiaojun
    Long, Keping
    2014 IEEE 20TH INTERNATIONAL CONFERENCE ON EMBEDDED AND REAL-TIME COMPUTING SYSTEMS AND APPLICATIONS (RTCSA), 2014,
  • [33] LIGHTWEIGHT KEY MANAGEMENT OF DRM SYSTEMS
    Chen, Tzung-Her
    Hung, Tsung-Hao
    Wu, Yan-Ting
    INTERNATIONAL JOURNAL OF INNOVATIVE COMPUTING INFORMATION AND CONTROL, 2010, 6 (12): 5657 - 5664
  • [34] Encryption key management as a trusted security as a service for cloud computing
    Fehis, Saad
    Nouali, Omar
    Kechadi, Mohand-Tahar
    International Journal of Security and Networks, 2021, 16 (03) : 150 - 162
  • [35] Integration of learning management systems with academic management systems using cloud computing
    Eulalio, Athos Denis
    de Souza, Rodrigo
    Diniz, Juliana Regueira
    2016 8TH EURO AMERICAN CONFERENCE ON TELEMATICS AND INFORMATION SYSTEMS (EATIS), 2016,
  • [36] Group Key Management Protocol for File Sharing on Cloud Storage
    Zhang, Shouyi
    Han, Si
    Zheng, Baokun
    Han, Ke
    Pang, Entong
    IEEE ACCESS, 2020, 8 : 123614 - 123622
  • [37] Overcoming Key Barriers for Secondary Cloud Forest Management in Mexico
    Toledo-Aceves, Tarin
    Guariguata, Manuel R.
    Guenter, Sven
    Porter-Bolland, Luciana
    Merino, Leticia
    LAND, 2021, 10 (10)
  • [38] A Way of Key Management in Cloud Storage Based on Trusted Computing
    Yang, Xin
    Shen, Qingni
    Yang, Yahui
    Qing, Sihan
    NETWORK AND PARALLEL COMPUTING, 2011, 6985 : 135 - 145
  • [39] An Efficient Key Management Infrastructure for Personal Health Records in Cloud
    Easwarmoorthy, Sathishkumar
    Sophia, F.
    Karrothu, Aravind
    PROCEEDINGS OF THE 2016 IEEE INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, SIGNAL PROCESSING AND NETWORKING (WISPNET), 2016, : 1651 - 1657
  • [40] KEY MANAGEMENT PROCESS ON THE HARDWARE CRYPTOGRAPHIC MODULE IN THE CLOUD COMPUTING
    Delgado Barroso, John Manuel
    Joyanes Aguilar, Luis
    Garcia Gundin, Pablo
    KEOD 2010: Proceedings of the International Conference on Knowledge Engineering and Ontology Development, 2010, : 493 - 496