International Journal of Advanced Computer Research (IJACR) ISSN (P): 2249-7277 ISSN (O): 2277-7970 Vol - 6, Issue - 24, May 2016
  1. 1
    Google Scholar
  2. 4
    Impact Factor
Secure chip based encrypted search protocol in mobile office environments

Hyun-A Park

Abstract

This paper deals with largely two security problems between the cloud computing service and trusted platform module (TPM) chip as a mobile convergent technology. At first, we solve the social issues from inside attackers, which is caused by that we regard server managers as trustworthy. In order to solve this problem, we propose encrypted DB retrieval system whose server manager cannot access on real data (plaintexts) in mobile office environments of the cloud datacenter. The other problem is that cloud computing has limitless computing resources; however, it faces with the vulnerability of security. On the other hand, the TPM technology has been known as a symbol of physical security; however, it has the severe limitation of use such as hardware constraints or limited amount of non-volatile memory. To overcome the weakness and produce synergic effects between the two technologies, we combine two applications (cloud datacenter service, TPM chip) as a mobile convergent technology. The main methods are TPM-security-client and masked keys. With these methods, the real keys are stored in TPM and the faked keys (masked keys) are implemented for computations instead of real keys. Thus, the result of the faked keys is the same as the real keys. Consequently, this system is secure against both of the insiders and outsiders, the cloud computing service can improve security weaknesses.

Keyword

Security, TPM, Cloud computing, Insiders, Collaborative computing, Synergic effects.

Cite this article

Refference

[1][1]Fox A, Griffith R, Joseph A, Katz R, Konwinski A, Lee G, et al. Above the clouds: a Berkeley view of cloud computing. Department of Electrical Engineering and Computer Sciences, University of California, Berkeley, Rep. UCB/EECS. 2009; 28(13).

[2][2]Chen C, Raj H, Saroiu S, Wolman A. cTPM: a cloud TPM for cross-device trusted applications. In11th USENIX symposium on networked systems design and implementation 2014 (pp.187-201).

[3][3]Cheon JH, Kim WH, Nam HS. Known-plaintext cryptanalysis of the Domingo-Ferrer algebraic privacy homomorphism scheme. Information Processing Letters. 2006; 97(3):118-23.

[4][4]I Ferrer JD. A new privacy homomorphism and applications. Information Processing Letters. 1996; 60(5):277-82.

[5][5]Domingo-Ferrer J. A provably secure additive and multiplicative privacy homomorphism*. In information security 2002 (pp. 471-83). Springer Berlin Heidelberg.

[6][6]Gregg M. 10 Security Concerns for Cloud Computing. http://www.globalknowledge.be/content/files/documents/386696/386784. Accessed 11 April 2016.

[7][7]Hacigümüş H, Iyer B, Li C, Mehrotra S. Executing SQL over encrypted data in the database-service-provider model. In proceedings of the ACM SIGMOD international conference on management of data 2002 (pp. 216-27). ACM.

[8][8]Hacıgümüş H, Iyer B, Mehrotra S. Efficient execution of aggregation queries over encrypted relational databases. In database systems for advanced applications 2004 (pp. 125-36). Springer Berlin Heidelberg.

[9][9]Kotla R, Rodeheffer T, Roy I, Stuedi P, Wester B. Pasture: Secure offline data access using commodity trusted hardware. In presented as part of the 10th USENIX symposium on operating systems design and implementation (OSDI 12) 2012 (pp. 321-34).

[10][10]Mykletun E, Tsudik G. Aggregation queries in the database-as-a-service model. In data and applications security 2006 (pp. 89-103). Springer Berlin Heidelberg.

[11][11]Park HA, Hong JW, Park JH, Zhan J, Lee DH. Combined authentication-based multilevel access control in mobile application for DailyLifeService. IEEE Transactions on Mobile Computing. 2010; 9(6):824-37.

[12][12]Park HA, Lee DH, Zhan J, Blosser G. Efficient keyword index search over encrypted documents of groups. In IEEE international conference on intelligence and security informatics 2008 (pp. 225-9). IEEE.

[13][13]Al-Qayedi A, Adi W, Zahro A, Mabrouk A. Combined web/mobile authentication for secure web access control. In wireless communications and networking conference 2004 (pp. 677-81). IEEE.

[14][14]Ricci R, Chollet G, Crispino MV, Jassim S, Koreman J, Olivar-Dimas M, et al. Secure Phone: a mobile phone with biometric authentication and e-signature support for dealing secure transactions on the fly. In defence and security symposium 2006 (pp. 625009-16). International society for optics and photonics.

[15][15]Song DX, Wagner D, Perrig A. Practical techniques for searches on encrypted data. In proceedings of IEEE symposium on security and privacy 2000 (pp. 44-55). IEEE.

[16][16]Wagner D. Cryptanalysis of an algebraic privacy homomorphism. In information security 2003 (pp. 234-9). Springer Berlin Heidelberg.

[17][17]http://searchcloudapplications.techtarget.com/feature /Cloud-migrationstrategy- Consider-portability-security -overall-risk. Accessed 11 April 2016.

[18][18]Power R. CSI/FBI computer crime and security survey. Computer Security Journal. 2001; 17(2):20-51.

[19][19]Kim R. Trusted Platform Module and Privacy Promises. https://www.cs.auckland.ac.nz/courses/compsci725s2c/archive/termpapers/skim.pdf. Accessed 16 March 2016.