Abstract
Cloud computing is an unparalleled innovation in the field of computer science. However, the CSPs cannot be entrusted with secret data. Data needs to be encrypted before it is uploaded to the cloud. But again, the data is only as secure as the keys used to encrypt or decrypt it. This gives rise to yet another problem, i.e., key management. This paper systematically reviews the literature, identifies the issues prevalent in key management, and presents their corresponding solutions. Post the literature review, we propose a model that borrows the best from the past efforts and fixes the shortcomings of the present models by combining all the solutions presented in this paper.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
P. Mell, T. Grance, The NIST Definition of Cloud Computing (2011)
R. Velumadhava Rao, K. Selvamani, Data Security Challenges and Its Solutions in Cloud Computing (2015)
European Parliament and the Council, General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council
R. Dowsley, M. Gabel, G. Hübsch, G. Schiefer, A. Schwichtenberg, A Distributed Key Management Approach (2016)
A.R. Buchade, R Ingle, Key Management for Cloud Data Storage: Methods and Comparisons (2014)
B. Grobauer, T. Walloschek, E. Stocker, Understanding cloud computing vulnerabilities. IEEE Secur. Privacy 9(2), 50–57 (2011)
C. Esposito, A. Castiglione, B. Martini, K.-K. Raymond Choo, Cloud Manufacturing: Security, Privacy and Forensic Concerns (2016)
R. Latif, H. Abbas, S. Assar, Q. Ali, Cloud Computing Risk Assessment: A Systematic Literature Review (2014)
H.A. Jäger, A. Monitzer, R.O. Rieken, E. Ernst, A novel set of measures against insider attacks—sealed cloud, in Lecture Notes in Informatics—Open Identity Summit 2013, ed. by D. Hühnlein, H. Roßnagel (Gesellschaft für Informatik, Bonn, 2013), pp. 187–197
D.W.K. Tse, D. Chen, Q. Liu, F. Wang, Z. Wei, Emerging Issues in Cloud Storage Security: Encryption, Key Management, Data Redundancy, Trust Mechanism (2014)
I. Indu, P.M. Rubesh Anand, S.P. Shaji, Secure File Sharing Mechanism and Key Management for Mobile Cloud Computing Environment (2016)
L. Tawalbeh, N.S. Darwazeh, R.S. Al-Qassas, F. AlDosari, A Secure Cloud Computing Model based on Data Classification (2015)
P. Paillier, Public-key cryptosystems based on composite degree residuosity classes, in Proceedings of Advances in Cryptology (Eurocrypt ‘99), Prague, Czech Republic (1999), pp. 223–238
Z.E. Dawahdeh, S.N. Yaakob, A.M. Sagheer, Modified ElGamal elliptic curve cryptosystem using hexadecimal representation. Indian J. Sci. Technol. 8(15), 1–8 (2015)
US Nat’l Inst. for Standards and Technology, Security Requirements for Cryptographic Modules, Federal Information Processing Standards Publication (2011)
S. Arun, N.R. Shanker, Data security in cloud storage using elliptical curve cryptography (2018)
M. Suárez-Albela, P. Fraga-Lamas, T.M. Fernández-Caramés, A Practical Evaluation on RSA and ECC-Based Cipher Suites for IoT High-Security Energy-Efficient Fog and Mist Computing Devices (2018)
N. Jansma, B. Arrendondo, Performance Comparison of Elliptic Curve and RSA Digital Signatures (2004)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Purohit, H., Vaghela, R. (2021). A Hybrid Key Management System Based on ECC and Data Classification to Secure Data in the Cloud. In: Tuba, M., Akashe, S., Joshi, A. (eds) ICT Systems and Sustainability. Advances in Intelligent Systems and Computing, vol 1270. Springer, Singapore. https://doi.org/10.1007/978-981-15-8289-9_19
Download citation
DOI: https://doi.org/10.1007/978-981-15-8289-9_19
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-8288-2
Online ISBN: 978-981-15-8289-9
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)