Sion et al., 2011 - Google Patents
Fighting mallory the insider: Strong write-once read-many storage assurances
Sion et al., 2011
- Document ID
- 749375008428278735
- Author
- Sion R
- Chen Y
- Publication year
- Publication venue
- IEEE Transactions on Information Forensics and Security
Snippet
We introduce a Write-Once Read-Many (WORM) storage system providing strong assurances of data retention and compliant migration, by leveraging trusted secure hardware in close data proximity. This is important because existing compliance storage …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111951004B (en) | | Method and system for world state integrity verification |
| US20100088528A1 (en) | | Method and apparatus for tamper-proof wirte-once-read-many computer storage |
| US7996679B2 (en) | | System and method for performing a trust-preserving migration of data objects from a source to a target |
| CN112889040B (en) | | Database Management |
| Kallahalla et al. | | Plutus: Scalable secure file sharing on untrusted storage |
| CN108076057B (en) | | Data security system and method based on block chain |
| Kher et al. | | Securing distributed storage: challenges, techniques, and systems |
| US8205090B2 (en) | | Secure recovery in a serverless distributed file system |
| US7401220B2 (en) | | On-disk file format for a serverless distributed file system |
| US7478243B2 (en) | | On-disk file format for serverless distributed file system with signed manifest of file modifications |
| EP2176984A2 (en) | | Creating and validating cryptographically secured documents |
| EP2168301A2 (en) | | Updating and validating documents secured cryptographically |
| CN111859411A (en) | | Method and system for access authorization of multi-subject device |
| CN119046912B (en) | | A comprehensive security management system for trusted data space |
| Peterson et al. | | Design and Implementation of Verifiable Audit Trails for a Versioning File System. |
| Sion | | Strong worm |
| Naor et al. | | Toward securing untrusted storage without public-key operations |
| Burns et al. | | Verifiable audit trails for a versioning file system |
| Sion et al. | | Fighting mallory the insider: Strong write-once read-many storage assurances |
| Kumar et al. | | Improved write access control and stronger freshness guarantee to outsourced data |
| US20250110835A1 (en) | | Cryptographic method to certify retention lock status with an embedded verification log in a backup system |
| US20250112789A1 (en) | | Cryptographic method to certify retention lock status for opaque data in a backup system |
| US20250111061A1 (en) | | Cryptographic method to certify retention lock status for auditing in a backup system |
| Mugisha et al. | | A TPM-based secure multi-cloud storage architecture grounded on erasure codes |
| Oprea | | Efficient cryptographic techniques for securing storage systems |