Title :
A Secure Secondary Backup Storage with an Isolated Authentication
Author :
Bae, Kwangjin ; You, Ilsun ; Yim, Kangbin ; Son, Taeho
Author_Institution :
GigaLane Co. Ltd., Hwaseong, South Korea
Abstract :
The primary backup disks store sensitive data such as privacy information and enterprise secrets. However, they are not encrypted usually because they are shared among multiple users in real time. Nevertheless, there is no concept of additional backing up the disks except the RAID support. This paper introduces a secure secondary backup system for the primary backup disks. The proposed system encrypts the scheduled files and backups them into the secondary backup disks. The encryption process uses the encryption key provided from hardware security modules that were directly plugged into the disks during the synchronization step in which the HSMs authenticate the disk owners and then unplugged. This architecture mechanically separates the HSM from the host, makes it immune to the reverse attack at the host side and keeps the disks safe from the insider´s attack combined with a physical theft.
Keywords :
RAID; authorisation; back-up procedures; cryptography; data privacy; real-time systems; scheduling; synchronisation; HSM authentication; RAID support; disk owners; encryption key; encryption process; hardware security modules; host side; insider attack; isolated authentication; physical theft; primary backup disks store sensitive data; reverse attack; scheduled files encryption; secure secondary backup storage; Authentication; Computational modeling; Encryption; Hardware; Protocols; backup storage; data leakage prevention; hardware token; reverse engineering; secure authentication;
Conference_Titel :
Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2012 Sixth International Conference on
Conference_Location :
Palermo
Print_ISBN :
978-1-4673-1328-5
DOI :
10.1109/IMIS.2012.195
