
An SGX-Based Key Management Framework for Data Centric Networking

  • Conference paper
  • In: Information Security Applications (WISA 2019)

Abstract

As the Internet has evolved from host-to-host communications to content distribution, data-centric networking platforms are gaining momentum. In particular, as cloud computing becomes the norm, there is a consensus that data is to be distributed over potentially untrusted servers to which its publishers/subscribers are connected. While data-centric networking platforms have been an area of active research, there have been few studies on how to distribute and manage keys for data protection in such platforms with untrusted servers. We present a key management framework in which symmetric and asymmetric keys are securely managed. A writer publishes not only his (encrypted) data but also the symmetric key for the data. Likewise, a reader retrieves the symmetric key as well as the data of interest. To distribute keys securely between a writer and a reader via an untrusted server, we introduce a key server running on top of the Intel SGX technology. In this way, we can manage and distribute keys for data protection in an efficient and flexible manner. We demonstrate that the prototype of the proposed framework runs with negligible overhead.
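The abstract gives the publish/retrieve flow only in outline. The Go program below is an added example, not code from the paper or its prototype: a writer publishes AES-GCM ciphertext together with the data key wrapped to the key server; an untrusted storage server holds both and can read neither; a key server, modelled here as an ordinary process standing in for the SGX enclave, releases the data key only to readers on the writer's access list by rewrapping it to the reader's own public key. RSA-OAEP for key wrapping, AES-GCM for data, the per-object access list, the object names and sample readings, and the premise that a reader already trusts the key server's public key (attestation having happened out of band) are all assumptions of this example, not details taken from the paper.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Object is what the untrusted server holds per name; it never sees the plaintext or the data key.
type Object struct {
	Ciphertext []byte // nonce || ciphertext || GCM tag
	WrappedKey []byte // data key, RSA-OAEP-wrapped to the key server's public key
}

// UntrustedServer is a constructed in-memory stand-in for the storage server.
type UntrustedServer map[string]Object

// KeyServer stands in for the SGX-hosted key server (assumed design); its private key
// and the access lists that writers hand it never leave it.
type KeyServer struct {
	priv *rsa.PrivateKey
	acl  map[string]map[string]bool // object name -> set of authorized reader IDs
}

// mustRSAKey generates a 2048-bit key; a crypto/rand failure is unrecoverable, so it panics.
func mustRSAKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

func NewKeyServer() *KeyServer {
	return &KeyServer{priv: mustRSAKey(), acl: map[string]map[string]bool{}}
}

// Rewrap enforces the access list, unwraps the data key and rewraps it to the reader.
// The object name is the OAEP label, so a wrapped key is bound to its own name.
func (k *KeyServer) Rewrap(name, readerID string, wrapped []byte, readerPub *rsa.PublicKey) ([]byte, error) {
	if !k.acl[name][readerID] {
		return nil, errors.New("reader " + readerID + " is not authorized for " + name)
	}
	dataKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, k.priv, wrapped, []byte(name))
	if err != nil {
		return nil, err
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, readerPub, dataKey, []byte(name))
}

// randBytes draws n bytes from crypto/rand; failure there is unrecoverable.
func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Publish is the writer side: fresh 256-bit data key, AES-GCM with the name as associated
// data, key wrapped to the key server; ciphertext and wrapped key go to the untrusted server.
func Publish(srv UntrustedServer, ks *KeyServer, name string, plaintext []byte, readers map[string]bool) error {
	dataKey := randBytes(32)
	aead, err := newGCM(dataKey)
	if err != nil {
		return err
	}
	nonce := randBytes(aead.NonceSize())
	ct := aead.Seal(nonce, nonce, plaintext, []byte(name))
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &ks.priv.PublicKey, dataKey, []byte(name))
	if err != nil {
		return err
	}
	ks.acl[name] = readers // the access list goes to the key server, not to the storage server
	srv[name] = Object{Ciphertext: ct, WrappedKey: wrapped}
	return nil
}

// Subscribe is the reader side: fetch the object, have the key server rewrap the data key
// to the reader, unwrap and decrypt. Anything the storage server alters fails GCM authentication.
func Subscribe(srv UntrustedServer, ks *KeyServer, name, readerID string, readerPriv *rsa.PrivateKey) ([]byte, error) {
	obj := srv[name] // an unknown name has no access list, so Rewrap refuses it
	rewrapped, err := ks.Rewrap(name, readerID, obj.WrappedKey, &readerPriv.PublicKey)
	if err != nil {
		return nil, err
	}
	dataKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, readerPriv, rewrapped, []byte(name))
	if err != nil {
		return nil, err
	}
	aead, err := newGCM(dataKey)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(obj.Ciphertext) < ns { // a truncated object must yield an error, not a panic
		return nil, errors.New("ciphertext too short")
	}
	return aead.Open(nil, obj.Ciphertext[:ns], obj.Ciphertext[ns:], []byte(name))
}

func main() {
	srv, ks, alice := UntrustedServer{}, NewKeyServer(), mustRSAKey()
	if err := Publish(srv, ks, "sensor/room1/temp", []byte("21.5 C"), map[string]bool{"alice": true}); err != nil {
		panic(err)
	}
	got, err := Subscribe(srv, ks, "sensor/room1/temp", "alice", alice)
	fmt.Printf("alice reads %q (err=%v)\n", got, err)
}
```

Two design points carry the security argument. First, the storage server is never a party to any key: it stores a ciphertext and a wrapped key it cannot open, so compromising it yields nothing readable, and because the object name is both the GCM associated data and the OAEP label, it cannot serve one object under another name that a reader happens to be authorized for. Second, the access decision is made inside the key server, which in the paper's setting is the SGX enclave; the untrusted host sees the rewrap request but not the unwrapped key. Truncated or modified objects fail closed in Subscribe rather than panicking the reader.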


Notes

  1.

    We interchangeably use a writer and a publisher to refer to an entity who generates the data; likewise, a reader or a subscriber will consume the data.


Acknowledgement

This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No.2018-0-00231, Development of context adaptive security autonomous enforcement technology to prevent spread of IoT infrastructure attacks). In addition, the ICT at Seoul National University provides research facilities for this study.

Author information

Corresponding author: Ted "Taekyoung" Kwon


Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Park, M. et al. (2020). An SGX-Based Key Management Framework for Data Centric Networking. In: You, I. (eds) Information Security Applications. WISA 2019. Lecture Notes in Computer Science, vol 11897. Springer, Cham. https://doi.org/10.1007/978-3-030-39303-8_28

  • DOI: https://doi.org/10.1007/978-3-030-39303-8_28

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-39302-1

  • Online ISBN: 978-3-030-39303-8

  • eBook Packages: Computer Science (R0)
