Inproceedings3425: Unterschied zwischen den Versionen
Cw3002 (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „{{Publikation Erster Autor |ErsterAutorNachname=Lehner |ErsterAutorVorname=Jonas }} {{Publikation Author |Rank=2 |Author=Andreas Oberweis }} {{Publikation Author …“) |
Cw3002 (Diskussion | Beiträge) |
||
(4 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 2: | Zeile 2: | ||
|ErsterAutorNachname=Lehner | |ErsterAutorNachname=Lehner | ||
|ErsterAutorVorname=Jonas | |ErsterAutorVorname=Jonas | ||
+ | |Referiert=True | ||
+ | |Booktitle=Trusted Cloud Computing | ||
+ | |Publisher=Springer | ||
}} | }} | ||
{{Publikation Author | {{Publikation Author | ||
|Rank=2 | |Rank=2 | ||
|Author=Andreas Oberweis | |Author=Andreas Oberweis | ||
+ | |Referiert=True | ||
+ | |Booktitle=Trusted Cloud Computing | ||
+ | |Publisher=Springer | ||
}} | }} | ||
{{Publikation Author | {{Publikation Author | ||
|Rank=3 | |Rank=3 | ||
|Author=Gunther Schiefer | |Author=Gunther Schiefer | ||
+ | |Referiert=True | ||
+ | |Booktitle=Trusted Cloud Computing | ||
+ | |Publisher=Springer | ||
}} | }} | ||
− | {{ | + | {{Inproceedings |
+ | |Referiert=True | ||
+ | |Title=Data protection in the Cloud – The MimoSecco Approach | ||
+ | |Year=2015 | ||
+ | |Month=Januar | ||
+ | |Booktitle=Trusted Cloud Computing | ||
+ | |Pages=177-186 | ||
+ | |Publisher=Springer | ||
+ | |Address=Heidelberg | ||
+ | |Editor=Helmut Krcmar, Ralf Reussner, Bernhard Rumpe | ||
|Referiert=True | |Referiert=True | ||
− | |||
− | |||
|Booktitle=Trusted Cloud Computing | |Booktitle=Trusted Cloud Computing | ||
|Publisher=Springer | |Publisher=Springer | ||
Zeile 21: | Zeile 37: | ||
|Abstract=Cloud Computing is a technology with vast impact on IT systems. Costs can be significantly reduced through on-demand purchase of CPU time, memory and storage, offering high flexibility. The main reason to avoid cloud technology still is security. This leads to a lack of trust in cloud services. Most cloud providers secure their systems only against external adversaries by using firewalls and secure connections. Internal adversaries, however, remain a big threat in this scenario. Especially when using mobile devices as clients, usable security with a low performance impact remains a challenge. | |Abstract=Cloud Computing is a technology with vast impact on IT systems. Costs can be significantly reduced through on-demand purchase of CPU time, memory and storage, offering high flexibility. The main reason to avoid cloud technology still is security. This leads to a lack of trust in cloud services. Most cloud providers secure their systems only against external adversaries by using firewalls and secure connections. Internal adversaries, however, remain a big threat in this scenario. Especially when using mobile devices as clients, usable security with a low performance impact remains a challenge. | ||
In this paper, we present concepts for using software as a service with mobile devices while guaranteeing a high level of data protection. MimoSecco uses an innovative encryption scheme and hard-to-clone secure hardware to guarantee data protection. Top secret data is encrypted directly, processible confidential data is encrypted and fragmented by the database proxy and transferred to different servers. Context-based access control makes the misuse of mobile devices for unauthorized data access difficult. These set of measures raises the privacy level of cloud computing significantly. | In this paper, we present concepts for using software as a service with mobile devices while guaranteeing a high level of data protection. MimoSecco uses an innovative encryption scheme and hard-to-clone secure hardware to guarantee data protection. Top secret data is encrypted directly, processible confidential data is encrypted and fragmented by the database proxy and transferred to different servers. Context-based access control makes the misuse of mobile devices for unauthorized data access difficult. These set of measures raises the privacy level of cloud computing significantly. | ||
+ | |Download=TrustedCloudWorkshop MimoSecco DataProtectionInTheCloud Manuskript AIFB Web.pdf, | ||
|Projekt=MimoSecco | |Projekt=MimoSecco | ||
|Forschungsgruppe=Betriebliche Informationssysteme | |Forschungsgruppe=Betriebliche Informationssysteme | ||
+ | |Referiert=True | ||
+ | |Booktitle=Trusted Cloud Computing | ||
+ | |Publisher=Springer | ||
}} | }} |
Aktuelle Version vom 7. Januar 2015, 14:26 Uhr
Data protection in the Cloud – The MimoSecco Approach
Data protection in the Cloud – The MimoSecco Approach
Published: 2015
Januar
Herausgeber: Helmut Krcmar, Ralf Reussner, Bernhard Rumpe
Buchtitel: Trusted Cloud Computing
Seiten: 177-186
Verlag: Springer
Erscheinungsort: Heidelberg
Referierte Veröffentlichung
BibTeX
Kurzfassung
Cloud Computing is a technology with vast impact on IT systems. Costs can be significantly reduced through on-demand purchase of CPU time, memory and storage, offering high flexibility. The main reason to avoid cloud technology still is security. This leads to a lack of trust in cloud services. Most cloud providers secure their systems only against external adversaries by using firewalls and secure connections. Internal adversaries, however, remain a big threat in this scenario. Especially when using mobile devices as clients, usable security with a low performance impact remains a challenge.
In this paper, we present concepts for using software as a service with mobile devices while guaranteeing a high level of data protection. MimoSecco uses an innovative encryption scheme and hard-to-clone secure hardware to guarantee data protection. Top secret data is encrypted directly, processible confidential data is encrypted and fragmented by the database proxy and transferred to different servers. Context-based access control makes the misuse of mobile devices for unauthorized data access difficult. These set of measures raises the privacy level of cloud computing significantly.
Download: Media:TrustedCloudWorkshop MimoSecco DataProtectionInTheCloud Manuskript AIFB Web.pdf
Betriebliche Informationssysteme