Key Management for Cloud Data Storage: Methods and Comparisons

Buchade, Amar; Ingle, Rajesh

doi:10.1109/acct.2014.78

Cited by 18 publications

(3 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Amar Buchade et al [7] analyze symmetric key cryptography techniques and key management in cloud environments. They evaluate the performance and security of various symmetric key algorithms, such as AES and DES, in the context of cloud-based applications.…”

Section: Literature Reviewmentioning

confidence: 99%

Continuous Integration for New Service Deployment and Service Validation Script for Vault

Raj

2024

IJSREM

View full text Add to dashboard Cite

Modern cloud-native applications demand robust security measures to safeguard sensitive data such as passwords, API keys, and encryption keys. Managing these secrets securely within Kubernetes clusters presents a significant challenge. In response, this project proposes a comprehensive solution leverag- ing HashiCorp Vault, Kubernetes, and Docker to enhance secret management and strengthen overall security posture.HashiCorp Vault serves as a centralized secrets management tool, provid- ing encryption, access control, and auditing functionalities. By integrating Vault with Kubernetes, secrets can be dynamically generated, securely stored, and automatically injected into ap- plication pods at runtime. This approach reduces the exposure of sensitive information within containerized environments and mitigates the risk of unauthorized access. The project architecture involves deploying Vault within the Kubernetes cluster, utilizing Docker containers for seamless encapsulation and portability. Kubernetes’ native integrations with Vault, such as the Kubernetes Auth method and the Vault Agent Injector, streamline the authentication and authorization processes, ensuring secure communication between applications and Vault. The project involves deploying Vault in Kubernetes for secrets management, ensuring High Availability. It focuses on generating, storing, and managing secrets securely, leveraging Vault’s dynamic secrets engine for automatic rotation. Integration with Kubernetes employs authentication methods like Service Accounts and RBAC for granular access control. Dockerization ensures application consistency and portability, with Vault Agent containers enabling seamless secret injection. Security best practices, including least privilege access and encryption, are prioritized, along with regular auditing and monitoring. Overall, the project aims to establish a robust secrets management solution within Kubernetes while empha- sizing resilience, security, and compliance in handling sensitive information. Index Terms—Docker, DevOps, CI/CD, Automation, Secrets, Kubernetes, Vault, Security

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Continuous Integration for New Service Deployment and Service Validation Script for Vault

Raj

2024

IJSREM

View full text Add to dashboard Cite

show abstract

“…In cryptography [12][13][14][15][16][17][18][19][20][21], key is the vital component in the cryptosystem. It is one of the biggest challenging tasks to manage them because it is the state of being legally responsible for any loss beyond the encryption and decryption process, such as people and flawed policies.…”

Section: Introductionmentioning

confidence: 99%

An Efficient Framework for Sharing a File in a Secure Manner Using Asymmetric Key Distribution Management in Cloud Environment

Pradeep

Vijayakumar

Subramaniyaswamy

2019

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

Cloud computing is a platform to share the data and resources used among various organizations, but the survey shows that there is always a security threat. Security is an important aspect of cloud computing. Hence, the responsibility underlines to the cloud service providers for providing security as the quality of service. However, cloud computing has many challenges in security that have not yet been addressed well. The data accessed or shared through any devices from the cloud environment are not safe because they are likely to have various attacks like Identity Access Management (IAM), hijacking an account or a service either by internal/external intruders. The cryptography places a major role to secure the data within the cloud environment. Therefore, there is a need for standard encryption/decryption mechanism to protect the data stored in the cloud, in which key is the mandatory element. Every cloud provider has its own security mechanisms to protect the key. The client cannot trust the service provider completely in spite of the fact that, at any instant, the provider has full access to both data and key. In this paper, we have proposed a new system which can prevent the exposure of the key as well as a framework for sharing a file that will ensure security (CIA) using asymmetric key and distributing it within the cloud environment using a trusted third party. We have compared RSA with ElGamal and Paillier in our proposed framework and found RSA gives a better result.

show abstract

“…[11] proposed suite of group key management protocols that allows a group of users to agree on a shared group key, which can be used to protect a shared file system stored remotely in the cloud. [12] proposes and applies key management methods to various cloud environments. [13] proposes group leader, group administrator approach.Data is shared and accessed by group member based on the group key.…”

Section: Introductionmentioning

confidence: 99%

Ternary Tree Based Approach For Accessing the Resources By Overlapping Members in Cloud Computing

Buchade¹,

Ingle²

2017

IJECE

Self Cite

View full text Add to dashboard Cite

In cloud computing, immediate access of resources is important due to cost incurred to customer by pay per use model of cloud computing. Usually resource is protected by using cryptography technique. The resource may be shared by multiple members in group. There can be overlapping members to access the multiple resources. Group key management is important to form the group key to access the resource. Group key formation time is crucial for immediate access of protected resource in cloud computing. Thus ternary tree based approach is proposed to form the key for overlapping members accessing resources. Membership event such as join and leave also considered. Through the analysis, it is found that computational overhead is reduced by 23% if ternary key trees are combined than independent ternary key trees. It is also observed that combined ternary key tree outperforms the combined binary key tree approach for group key formation by considering overlapping members. Security requirement analysis of group membership for key formation is also provided in the paper.Copyright c 2017 Institute of Advanced Engineering and Science.All rights reserved.Corresponding Author: Amar Buchade Research Scholar College of Engineering, Pune Savitribai Phule Pune University amar.buchade@gmail.com INTRODUCTIONIn recent days, the use of cloud computing is increasing. Usage of cloud based social media applications whatsapp, twitter, facebook and collaborative applications, Pay TV [1] systems are increasing. Many governments have initiated digital move including cashless transactions, m-wallet etc. Thus security is major concern over the usage of many cloud based applications. Obviously there is important role of cryptographic algorithm to secure the resource. Resource can be considered as data, applications, storage, CPU, virtual machine etc. Thus key management plays significance role to access the resources from cloud computing.In cloud computing, it is important to have instant (on demand) access of resources. It is important to form the group key within a time for immediate access of resources. For collaborative environment, group key among the members needs to be formed to protect the access of resources in cloud computing. There can be member accessing multiple resources. Such member in group/s is called overlapping member. Thus in this paper, the problem of overlapping members accessing multiple resources is proposed.Group key can be formed by TGDH approach [2], [3]. Presently for group key formation separate key trees are formed even if member has access to multiple resources. This approach leads to computational overhead to form the group key.We preferred ternary key tree approach over binary tree based approach for group key formation because as the number of members increased in ternary key tree, the height is also reduced compared to binary. Hence computational cost for forming group key is also reduced. The novelty of the approach is that it is computational efficient that the other approaches.

show abstract

Key Management for Cloud Data Storage: Methods and Comparisons

Cited by 18 publications

References 8 publications

Continuous Integration for New Service Deployment and Service Validation Script for Vault

Continuous Integration for New Service Deployment and Service Validation Script for Vault

An Efficient Framework for Sharing a File in a Secure Manner Using Asymmetric Key Distribution Management in Cloud Environment

Ternary Tree Based Approach For Accessing the Resources By Overlapping Members in Cloud Computing

Contact Info

Product

Resources

About