Published: December 2016
Book title: Proc. of the 2nd International Workshop on Cloud Security and Data Privacy by Design (CloudSPD'16), co-located with the 8th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2016)
Cloud computing provides reliable and highly scalable access to resources over the internet. But outsourcing sensitive data to a probably untrusted cloud provider (third party) requires cryptographic methods like encryption. This paper presents a novel approach to a distributed cloud key management scheme. In a setting with a public cloud application, data is encrypted by a separate trusted adapter before it is stored somewhere else. The encryption key is not persistently stored at the adapter. Instead, several entities share parts of the key, which is computed and temporarily stored at the adapter when needed. This work describes how the key management works during bootstrapping and runtime, as well as how key recovery can be performed.