Thursday, June 22, 2017 - 16:00 to 17:15
Security in a Distributed Key Management Approach
Cloud computing offers many advantages as flexibility or resource-efficiency and can significantly reduce costs. However, when sensitive medical data is outsourced to a cloud provider, classified records can leak. To protect the patients and application providers from a privacy breach data must be encrypted before it is uploaded. In this work, we present a distributed key management scheme that handles user-specific keys in a single-tenant scenario. The underlying database is encrypted and the secret key is only reconstructed temporarily in memory. Our scheme distributes shares of the key to the different entities. We address bootstrapping, key recovery, the attacker model and the resulting security guarantees.
Gunther Schiefer's picture
Gunther Schiefer
Karlsruhe Institute of Technology (DE)
Murat Citak's picture
Murat Citak
Andreas Schoknecht's picture
Andreas Schoknecht
Matthias Gabel's picture
Matthias Gabel
Jeremias Mechler's picture
Jeremias Mechler
Karlsruhe Institute of Technology (DE)