Project description
The most valuable asset in today's information society is data, which must be stored, backed up, and archived. Many modern storage systems secure the data using cryptography.
Protecting data at rest in storage systems poses new challenges compared to protecting data in flight, which has been the focus of communication security for some time and is well understood today. One notable difference between these two problems is that communication channels typically use a streaming interface with a first-in/first-out (FIFO) characteristic, whereas storage systems must provide random access to small portions of the stored data. New techniques are needed to provide security in this context, particularly in order to protect the integrity of stored data efficiently.
Key management for secure storage
Key management is the Achilles' heel of cryptography. Keys that guard encrypted data in a storage system must be available in order to access the data, yet they must be guarded closely. In collaboration with IBM System Storage and IBM Tivoli Security software, we are developing novel solutions for key management.
The research project on key lifecycle management for secure storage is carried out in collaboration with our Storage Technologies department.
Storage integrity
Today, many users maintain data at remote storage service providers and collaborate with each other using the shared data. It is important to guarantee the integrity of the data when the service is not trusted.

