Projects per year
Abstract
Current application and device landscapes became a harsh environment for data security. Multi-device users
enjoy the convenience and efficiency of modern distributed applications in a highly heterogeneous device
landscape. However, today’s data protection mechanisms fell behind in taking care of some current use cases
and application scenarios. We perform a case study and an in-depth security analysis and risk assessment
on a simplified set of three different cryptographic service provider types; software, hardware, and remote.
Our case study shows that different provider types can change application characteristics considerably. Our
security analysis and risk assessment shows how different provider types can influence the security properties
of a set of use cases. We found that no one provider can excel for every cryptographic task. Based on these
findings we formulate a list of features which we believe are crucial to get the data protection mechanisms
up to speed again so that everyone can again benefit from data security even in a world of highly distributed
applications and data.
enjoy the convenience and efficiency of modern distributed applications in a highly heterogeneous device
landscape. However, today’s data protection mechanisms fell behind in taking care of some current use cases
and application scenarios. We perform a case study and an in-depth security analysis and risk assessment
on a simplified set of three different cryptographic service provider types; software, hardware, and remote.
Our case study shows that different provider types can change application characteristics considerably. Our
security analysis and risk assessment shows how different provider types can influence the security properties
of a set of use cases. We found that no one provider can excel for every cryptographic task. Based on these
findings we formulate a list of features which we believe are crucial to get the data protection mechanisms
up to speed again so that everyone can again benefit from data security even in a world of highly distributed
applications and data.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 14th International Joint Conference on e-Business and Telecommunications |
| Place of Publication | Portugal |
| Publisher | SciTePress |
| Pages | 367-374 |
| Number of pages | 8 |
| Volume | 4 |
| ISBN (Print) | 978-989-758-259-2 |
| DOIs | |
| Publication status | Published - Jul 2017 |
Keywords
- Applied Cryptography
- Cryptographic Service Providers
- Cloud
ASJC Scopus subject areas
- Computer Science(all)
Fields of Expertise
- Information, Communication & Computing
Treatment code (Nähere Zuordnung)
- Experimental
Projects
- 1 Active
-
A-SIT - Secure Information Technology Center Austria
Stranacher, K., Dominikus, S., Leitold, H., Marsalek, A., Teufl, P., Bauer, W., Aigner, M. J., Rössler, T., Neuherz, E., Dietrich, K., Zefferer, T., Mangard, S., Payer, U., Orthacker, C., Lipp, P., Reiter, A., Knall, T., Bratko, H., Bonato, M., Suzic, B., Zwattendorfer, B., Kreuzhuber, S., Oswald, M. E., Tauber, A., Posch, R., Bratko, D., Feichtner, J., Ivkovic, M., Reimair, F., Wolkerstorfer, J. & Scheibelhofer, K.
21/05/99 → 6/08/20
Project: Research area