Now showing 1 - 2 of 2
  • Publication
    A Trusted Way for Encryption Key Management in Cloud Computing
    We propose an approach to provide the cryptography key management system (CKMS) as a trusted security services in Cloud Computing, based on the trusted platform module (TPM / vTPM). In this approach we have used the TPMs capabilities / functions as a secure way and a root of trust for this kind of services. Therefore, and as an application case, we have used TPMs key generation component as a trusted way to generate and to sign an encryption/signing keys by the CKMS for their customers.Index Terms Cloud Computing, Security as a Services, Cryptographic Key Management System, Trusted Platform.
  • Publication
    A New Distributed Chinese Wall Security Policy Model
    (Association of Digital Forensics, Security and Law, 2016) ; ;
    The application of the Chinese wall security policy model (CWSPM ) to control the informationflows between two or more competing and/or conflicting companies in cloud computing(Multi-tenancy) or in the social network, is a very interesting solution.The main goal of the Chinese Wall Security Policy is to build a wall between the datasetsof competing companies, and among the system subjects. This is done by the applying tothe subjects mandatory rules, in order to control the information flow caused between them.This problem is one of the hottest topics in the area of cloud computing (as a distributedsystem) and has been attempted in the past; however the proposed solutions cannot dealwith the composite information flows problem (e.g., a malicious Trojan horses problem),caused by the writing access rule imposed to the subject on the objects.In this article, we propose a new CWSP model, based on the access query type of the subjectto the objects using the concepts of the CWSP. We have two types of walls placement, thefirst type consists of walls that are built around the subject, and the second around theobject. We cannot find inside each once wall two competing objects data. We showed thatthis mechanism is a good alternative to deal with some previous models limitations. Themodel is easy to implement in a distributed system (as Cloud-Computing). It is based on thetechnique of Object Oriented Programming (Can be used in Cloud computing Software asa service SaaS) or by using the capabilities as an access control in real distributed system