Catuogno, Luigi ; Löhr, Hans ; Manulis, Mark ; Sadeghi, Ahmad-Reza ; Winandy, Marcel (2009)
Transparent Mobile Storage Protection in Trusted Virtual Domains.
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Mobile Storage Devices, such as USB flash drives, offer a flexible solution for the transport and exchange of data. Nevertheless, in order to prevent unauthorized access to sensitive data, many enterprises require strict security policies for the use of such devices with the effect of rendering their advantages rather unfruitful.
Trusted Virtual Domains (TVDs) provide a secure IT infrastructure offering a homogeneous and transparent enforcement of access control policies on data and network resources, however, the current model does not specifically deal with Mobile Storage Devices.
In this paper, we present an extension of the TVD architecture to incorporate the usage of Mobile Storage Devices. Our proposal addresses three major issues: coherent extension of TVD policy enforcement by introducing architectural components that feature identification and management of transitory devices; transparent mandatory encryption of sensitive data stored on mobile devices; and highly dynamic centralized key management service. In particular we address offline scenarios allowing users to access and modify data while being temporarily disconnected from the domain. We also present a prototype implementation based on the Turaya security kernel.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2009 |
| Autor(en): | Catuogno, Luigi ; Löhr, Hans ; Manulis, Mark ; Sadeghi, Ahmad-Reza ; Winandy, Marcel |
| Art des Eintrags: | Bibliographie |
| Titel: | Transparent Mobile Storage Protection in Trusted Virtual Domains |
| Sprache: | Deutsch |
| Publikationsjahr: | November 2009 |
| Buchtitel: | 23rd Large Installation System Administration Conference (LISA '09) |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | Mobile Storage Devices, such as USB flash drives, offer a flexible solution for the transport and exchange of data. Nevertheless, in order to prevent unauthorized access to sensitive data, many enterprises require strict security policies for the use of such devices with the effect of rendering their advantages rather unfruitful. Trusted Virtual Domains (TVDs) provide a secure IT infrastructure offering a homogeneous and transparent enforcement of access control policies on data and network resources, however, the current model does not specifically deal with Mobile Storage Devices. In this paper, we present an extension of the TVD architecture to incorporate the usage of Mobile Storage Devices. Our proposal addresses three major issues: coherent extension of TVD policy enforcement by introducing architectural components that feature identification and management of transitory devices; transparent mandatory encryption of sensitive data stored on mobile devices; and highly dynamic centralized key management service. In particular we address offline scenarios allowing users to access and modify data while being temporarily disconnected from the domain. We also present a prototype implementation based on the Turaya security kernel. |
| Freie Schlagworte: | Secure Things;Mobile Storage, Trusted Computing, Trusted Virtual Domains |
| ID-Nummer: | TUD-CS-2009-1847 |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt |
| Hinterlegungsdatum: | 10 Mär 2016 10:18 |
| Letzte Änderung: | 03 Jun 2018 21:31 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum