Skip to main content
SpringerLink
Log in
Book cover

Trusted Cloud Computing pp 177–186Cite as

Data Protection in the Cloud - The MimoSecco Approach

  • Chapter
  • First Online:

  • 1417 Accesses

Abstract

Cloud Computing is a technology with vast impact on IT systems. Costs can be significantly reduced through on demand purchase of CPU time, memory and storage, offering high flexibility. The main reason to avoid cloud technology still is security. This leads to a lack of trust in cloud services. Most cloud providers secure their systems only against external adversaries by using firewalls and secure connections. Internal adversaries, however, remain a big threat in this scenario. Especially when using mobile devices as clients, usable security with a low performance impact remains a challenge. In this paper, we present concepts for using software as a service with mobile devices while guaranteeing a high level of data protection. MimoSecco uses an innovative encryption scheme and hard to clone secure hardware to guarantee data protection. Top secret data is encrypted directly, processible confidential data is encrypted and fragmented by the database proxy and transferred to different servers. Context based access control makes the misuse of mobile devices for unauthorized data access difficult. These set of measures raises the privacy level of cloud computing significantly.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   54.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. S.D.C. Vimercati, S. Paraboschi, P. Samarati: Access Control: Principles and Solutions. Software—Practice and Experience, vol. 33, no. 5, 2003, p. 397-421.

    Google Scholar 

  2. M. Benantar: Mandatory-Access-Control Model. Access Control Systems: Security, Identity Management and Trust Models, 2006, p. 129-146.

    Google Scholar 

  3. B.W. Lampson: Protection. Operation Systems Review, vol. 1., no. 8, 1974, p. 18-24.

    Google Scholar 

  4. R.S. Sandhu, P. Samarati: Access control: principle and practice, Communications Magazine, IEEE, vol.32, no.9, Sept. 1994, p. 40-48.

    Google Scholar 

  5. R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman: Role-based access control models. Computer, 29(2), 1996, p. 38-47.

    Google Scholar 

  6. A.K. Dey: Understanding and Using Context. Personal and Ubiquitous Computing Journal, vol. 5, no. 1, 2001, p. 3-7.

    Google Scholar 

  7. G. Chen, D. Kotz: A Survey of Context-Aware Mobile Computing Research. Technical Report TR2000-381, Department of Computer Science, Dartmouth College, Hanover, NH, USA, 2000.

    Google Scholar 

  8. O. Stiemerling, J. Hartung: Computer und Recht: Zeitschrift f¨ur die Praxis des Rechts der Informationstechnologien, K¨oln, 1/2012, p. 60-68.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Karlsruhe Institute of Technology, Institute AIFB, Karlsruhe, Germany

    Jonas Lehner, Andreas Oberweis & Gunther Schiefer

Authors
  1. Jonas Lehner
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Andreas Oberweis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Gunther Schiefer
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jonas Lehner .

Editor information

Editors and Affiliations

  1. Technische Universität München, fortiss - An-Institut Technische Universität München, Munich, Germany

    Helmut Krcmar

  2. Karlsruhe Institute of Technology, FZI - Forschungszentrum Informatik am KIT, Karlsruhe, Germany

    Ralf Reussner

  3. RWTH Aachen, RIT - Rumpe Information Technologies, Aachen, Germany

    Bernhard Rumpe

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Lehner, J., Oberweis, A., Schiefer, G. (2014). Data Protection in the Cloud - The MimoSecco Approach. In: Krcmar, H., Reussner, R., Rumpe, B. (eds) Trusted Cloud Computing. Springer, Cham. https://doi.org/10.1007/978-3-319-12718-7_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-12718-7_11

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-12717-0

  • Online ISBN: 978-3-319-12718-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation