Projects per year
Abstract
Modern times introduced a highly heterogeneous device landscape. The landscape was populated by distributed applications. These applications are used by modern multi-device users. A modern user wants to create, process, and share potentially sensitive data among her devices. For instance, start a document at the smart phone, continue on the laptop and finish the document on a tablet. A common way to protect sensitive data against disclosure and theft is cryptography. Cryptography, however, requires for all devices in question to be able to perform appropriate operations and protect the subsequent cryptographic primitives against attacks. Unfortunately, different devices have different capabilities when it comes to cryptography. Some have hardware-backed solutions available, some cannot do any cryptography at all. In general, it is hard to provide adequate (and potentially equal) cryptographic methods on every device of the modern landscape – be it rather basic and well-known schemes or new methodologies that are long awaited to stand the challenges of the cloud. In order to tackle the above mentioned status and bring cryptography to the modern multi-device user, we present CrySIL, the Cryptographic Service Interoperability Layer. CrySIL is designed as a flexible and extensible layer between the user and the cryptographic primitive. In a nutshell, CrySIL can use local key storage solutions, offers remote key storage and crypto provider deployments, and features strong authentication methodologies to constrain access to cryptographic primitives. In this work, we explain the motivation of CrySIL, describe its architecture, highlight its deployment in a typical modern use case, and reflect on achievements and shortcomings.
Original language | English |
---|---|
Title of host publication | Web Information Systems and Technologies |
Subtitle of host publication | 11th International Conference, WEBIST 2015, Lisbon, Portugal, May 20-22, 2015, Revised Selected Papers |
Editors | Valérie Monfort, Karl-Heinz Krempels, Tim A. Majchrzak, Ẑiga Turk |
Publisher | Springer |
Pages | 70-90 |
Number of pages | 20 |
Edition | 1 |
ISBN (Electronic) | 978-3-319-30996-5 |
ISBN (Print) | 978-3-319-30995-8 |
DOIs | |
Publication status | Published - 22 Mar 2016 |
Publication series
Name | Lecture Notes in Business Information Processing |
---|---|
Publisher | Springer International Publishing |
Volume | 246 |
ISSN (Electronic) | 1865-1348 |
Keywords
- Cloud security
- Central cryptographic solutions
- Advanced cryptographic protocols
- Heterogeneous applications
- Mobile devices
Fields of Expertise
- Information, Communication & Computing
Projects
- 1 Active
-
A-SIT - Secure Information Technology Center Austria
Stranacher, K., Dominikus, S., Leitold, H., Marsalek, A., Teufl, P., Bauer, W., Aigner, M. J., Rössler, T., Neuherz, E., Dietrich, K., Zefferer, T., Mangard, S., Payer, U., Orthacker, C., Lipp, P., Reiter, A., Knall, T., Bratko, H., Bonato, M., Suzic, B., Zwattendorfer, B., Kreuzhuber, S., Oswald, M. E., Tauber, A., Posch, R., Bratko, D., Feichtner, J., Ivkovic, M., Reimair, F., Wolkerstorfer, J. & Scheibelhofer, K.
21/05/99 → 6/08/20
Project: Research area