Aus Aifbportal
Version vom 8. Juli 2014, 08:46 Uhr von Cw3002 (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „{{Publikation Erster Autor |ErsterAutorNachname=Lehner |ErsterAutorVorname=Jonas }} {{Publikation Author |Rank=2 |Author=Andreas Oberweis }} {{Publikation Author …“)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu:Navigation, Suche

Data protection in the Cloud – The MimoSecco approach

Published: 2014


Cloud Computing is a technology with vast impact on IT systems. Costs can be significantly reduced through on-demand purchase of CPU time, memory and storage, offering high flexibility. The main reason to avoid cloud technology still is security. This leads to a lack of trust in cloud services. Most cloud providers secure their systems only against external adversaries by using firewalls and secure connections. Internal adversaries, however, remain a big threat in this scenario. Especially when using mobile devices as clients, usable security with a low performance impact remains a challenge. In this paper, we present concepts for using software as a service with mobile devices while guaranteeing a high level of data protection. MimoSecco uses an innovative encryption scheme and hard-to-clone secure hardware to guarantee data protection. Top secret data is encrypted directly, processible confidential data is encrypted and fragmented by the database proxy and transferred to different servers. Context-based access control makes the misuse of mobile devices for unauthorized data access difficult. These set of measures raises the privacy level of cloud computing significantly.




Betriebliche Informationssysteme