The Smart and Secure Protocol for Mobile Office Environments

In this paper, we address two main problems in networked collaborative computing environments that combine a cloud computing service and a TPM chip as a mobile convergent technology. First, we address the security problem posed by inside attackers, which has become a social issue; for example, 45% of attacks are conducted by insiders according to [18]. The underlying cause of this problem is that server managers are regarded as trustworthy. Hence, we propose an Encrypted DB Retrieval System in which the server manager cannot access the real data (plaintexts) in Mobile Office Environments of the cloud datacenter. Second, cloud computing has limitless computing resources but suffers from security vulnerabilities. The TPM technology, on the other hand, is regarded as providing a high level of physical security, but its use is severely limited, for example by hardware constraints or a limited amount of non-volatile memory (NVRAM). To produce a synergistic effect between the two technologies, we combine the two applications (cloud datacenter service, TPM chip) as a mobile convergent technology. Consequently, the system is secure against both insiders and outsiders, and the cloud computing service can improve on its security weaknesses.

[1] Dawn Xiaodong Song, et al. Practical techniques for searches on encrypted data, 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[2] Jung Hee Cheon, et al. Known-plaintext cryptanalysis of the Domingo-Ferrer algebraic privacy homomorphism scheme, 2006, Inf. Process. Lett.

[3] Gene Tsudik, et al. Aggregation Queries in the Database-As-a-Service Model, 2006, DBSec.

[4] Josep Domingo-Ferrer, et al. A Provably Secure Additive and Multiplicative Privacy Homomorphism, 2002, ISC.

[5] R. Power. CSI/FBI computer crime and security survey, 2001.

[6] Ramakrishna Kotla, et al. Pasture: Secure Offline Data Access Using Commodity Trusted Hardware, 2012, OSDI.

[7] David A. Wagner, et al. Cryptanalysis of an Algebraic Privacy Homomorphism, 2003, ISC.

[8] Dong Hoon Lee, et al. Efficient keyword index search over encrypted documents of groups, 2008, 2008 IEEE International Conference on Intelligence and Security Informatics.

[9] J. Ferrer. A new privacy homomorphism and applications, 1996.

[10] Randy H. Katz, et al. A view of cloud computing, 2010, CACM.

[11] Hakan Hacigümüs, et al. Executing SQL over encrypted data in the database-service-provider model, 2002, SIGMOD '02.

[12] Hakan Hacigümüs, et al. Efficient Execution of Aggregation Queries over Encrypted Relational Databases, 2004, DASFAA.

[13] Sabah Jassim, et al. SecurePhone: a mobile phone with biometric authentication and e-signature support for dealing secure transactions on the fly, 2006, SPIE Defense + Commercial Sensing.

[14] Alec Wolman, et al. cTPM: A Cloud TPM for Cross-Device Trusted Applications, 2014, NSDI.

[15] Ali Al-Qayedi, et al. Combined Web/mobile authentication for secure Web access control, 2004, 2004 IEEE Wireless Communications and Networking Conference (IEEE Cat. No.04TH8733).

[16] Jong Wook Hong, et al. Combined Authentication-Based Multilevel Access Control in Mobile Application for DailyLifeService, 2010, IEEE Transactions on Mobile Computing.