Key Management Systems at the Cloud Scale

Cited by: 1
Authors
Campagna, Matthew [1]
Gueron, Shay [1,2]
Affiliations
[1] Amazon Web Serv Inc, Seattle, WA 98101 USA
[2] Univ Haifa, Dept Math, IL-3498838 Haifa, Israel
Keywords
AES-GCM; cloud computing; key management; SECURITY;
DOI
10.3390/cryptography3030023
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
This paper describes a cloud-scale encryption system. It discusses the constraints that shaped the design of Amazon Web Services' Key Management Service, and in particular, the challenges that arise from using a standard mode of operation such as AES-GCM while safely supporting huge amounts of encrypted data that is (simultaneously) generated and consumed by a huge number of users employing different keys. We describe a new derived-key mode that is designed for this multi-user-multi-key scenario typical at the cloud scale. Analyzing the resulting security bounds of this model illustrates its applicability for our setting. This mode is already deployed as the default mode of operation for the AWS key management service.
Pages: 1 / 16
Page count: 16