
Detailed record

Secure encryption key management as a SecaaS based on Chinese wall security policy

Article written by: Kechadi, Tahar; Nouali, Omar; Fehis, Saad

Abstract: Cloud computing has become very popular, and many mobile IT users access business data and services without going through corporate networks. In this context, the common security mechanism of most services and interactions is based on encryption/signing keys, which themselves depend heavily on the cryptographic key management system (CKMS). Outsourcing the CKMS to the cloud as a trusted security as a service (CKMS_SecaaS) remains a real challenge, which comes down to the problem of establishing trust between customers and service providers. To deal with this challenge, we have proposed an approach that provides a CKMS_SecaaS based on the trusted platform module (TPM), which is the foundation for trust, key generation, and SecaaS authentication. In this paper, we propose an approach to key security based on the Chinese Wall Security Policy (CWSP) as a dynamic firewall mechanism for access and information flow control. We note that the TPM and the CKMS_SecaaS together form a truly shared environment: they host and manage many objects (keys and related data), these objects belong to different user groups, and they are considered sensitive data (encryption keys). The CWSP is therefore a very interesting candidate for our context, since it provides for the creation of walls between companies' objects based on access control rules.


Language: English
Subject: Computer science

Keywords:
cloud computing
SecaaS
Encryption key management system
Chinese wall security policy
