(Publisher of Peer Reviewed Open Access Journals)

International Journal of Advanced Computer Research (IJACR)

ISSN (Print):2249-7277    ISSN (Online):2277-7970
Volume-6 Issue-24 May-2016
DOI:10.19101/IJACR.2016.624016
Paper Title : Secure chip based encrypted search protocol in mobile office environments
Author Name : Hyun-A Park
Abstract :

This paper addresses two main security problems concerning the cloud computing service and the trusted platform module (TPM) chip as a mobile convergent technology. First, we address the social issues arising from inside attackers, which are caused by regarding server managers as trustworthy. To solve this problem, we propose an encrypted DB retrieval system in which the server manager cannot access the real data (plaintexts) in mobile office environments of the cloud datacenter. The other problem is that cloud computing has limitless computing resources but suffers from security vulnerabilities. TPM technology, on the other hand, is known as a symbol of physical security, but its use is severely limited by factors such as hardware constraints or a limited amount of non-volatile memory. To overcome these weaknesses and produce synergic effects between the two technologies, we combine the two applications (cloud datacenter service, TPM chip) as a mobile convergent technology. The main methods are the TPM-security-client and masked keys. With these methods, the real keys are stored in the TPM and the faked keys (masked keys) are used for computations instead of the real keys. Thus, the result computed with the faked keys is the same as the result computed with the real keys. Consequently, this system is secure against both insiders and outsiders, and the cloud computing service can improve its security weaknesses.

Keywords : Security, TPM, Cloud computing, Insiders, Collaborative computing, Synergic effects.
Cite this article : Hyun-A Park, "Secure chip based encrypted search protocol in mobile office environments", International Journal of Advanced Computer Research (IJACR), Volume-6, Issue-24, May-2016, pp. 72-80. DOI:10.19101/IJACR.2016.624016