Abstract
Cloud Security is one of the biggest challenges that currently this technology is facing. Based on cryptography and keys used to protect information, this paper proposes the integration of key management model in the cloud KMIP with the cryptographic standard protocol PKCS11, responding to the problem of key management, no doubt, one of the main problems to solve when a model of this nature is thought in the cloud. The inclusion of cryptographic hardware reinforces this proposal, which is based in interoperable models that are compatible with high level of security devices like Hardware Security Modules.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Oasis, OASIS Members Form Key Management Interoperability Protocol (KMIP) Technical Committee (2009), http://www.oasis-open.org/committees/kmip/charter.php
Oasis, KMIP: Key Management Interoperability Protocol (2009), http://www.oasis-open.org/committees/kmip
Ansi, Interoperable Secure Key Exchange Key Block Specification for Symmetric Algorithms (2005), http://www.techstreet.com/standards/X9/TR_31_2005?product_id=1327251
Ansi, Retail Financial Services Symmetric Key Management Part 2: Using Asymmetric Techniques for the Distribution of Symmetric Keys Accredited Standards Committee X9 (2006), http://www.techstreet.com/cgi-bin/detail?doc_no=X9%7CX9_24_2_2006&product_id=1327211
Ansi, Framework for Key Management Extensions (2007), http://webstore.ansi.org/RecordDetail.aspx?sku=ANSI+X9.69-2006
Areito, J.: Seguridad de la Información: redes, informática y Sociedad de la Información. Cengage Learning-Paraninfo (2009)
Phillip, B.-H.: Overview of IETF KEYPROV (2009), http://tools.ietf.org/html/draft-ietf-keyprov-pskc
Elaine, B., Branstad, D., et al.: Cryptographic Key Management Workshop. NIST Focus Paper. NIST Key Management Workshop Sumary (2010), csrc.nist.gov/publications/nistir/ir7609/nistir-7609.pdf
Mathias, B., Christian, C., et al.: Design and Implementation of a Key-Lifecycle Management System. IBM Research (2009), http://www.zurich.ibm.com/~cca/papers/klm.pdf
Christian, C.: A Secure Cryptographic Token Interface. IBM Zurich Research Labs Research (2009), http://www.zurich.ibm.com/~cca/papers/mkms.pdf
Chakrabarti, A.: Grid computing security. Springer, Heidelberg (2007), http://www.amazon.com/Grid-Computing-Security-Anirban-Chakrabarti/dp/3540444920
Kimberly, G.: Encryption and Key Management Benchmark Report. Trust Catalyst (2008), http://idtrust.xml.org/news/2008-encryption-and-key-management-benchmark-report
George, H.: New Storage Security Specs Promote Hardware-Based Encryption. Byte and Switch (2009), http://www.networkcomputing.com/other/new-storage-security-specs-promote-hardware-based-encryption.php?type=article
Luther, M.: Federated Key Management as the Basis for Secure Cloud Computing (2010), http://www.scmagazineus.com/federated-key-management-as-the-basis-for-secure-cloud-computing/article/158089/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Delgado Barroso, J.M., Aguilar, L.J., Gundín, P.G., Vasquezr, J. (2011). An Approach to the Integration of Cryptographic Services in the Cloud Computing Supported on a Standard Interfaces to the Execution of Cryptographic Processes on Demand. Study Case: Key Management Protocol Interoperability vs. RSA PKCS # 11 Standard. In: Ariwa, E., El-Qawasmeh, E. (eds) Digital Enterprise and Information Systems. DEIS 2011. Communications in Computer and Information Science, vol 194. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22603-8_60
Download citation
DOI: https://doi.org/10.1007/978-3-642-22603-8_60
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22602-1
Online ISBN: 978-3-642-22603-8
eBook Packages: Computer ScienceComputer Science (R0)