Corpus ID: 60278872

Key Management In Distributed Systems

  title={Key Management In Distributed Systems},
  author={T. Acar and M. Belenkiy and C. Ellison and L. Nguyen},
We developed a cryptographic key management system for distributed networks. Our system handles every aspect of key management, including the key lifecycle, key distribution, access control, and cryptographic algorithm agility. Our software client accesses keys and other metadata stored in a distributed repository. Our system hides all key management tasks from the user; the user specifies a key management policy and our system enforces this policy. Clients perform key management tasks whenever… Expand
Cryptographically Verified Design and Implementation of a Distributed Key Manager
This work presents DKM, a distributed key management system with a cryptographically verified code base that implements a new data protection API, and describes several problems uncovered and fixed as part of this joint design, implementation, and verification process. Expand
Design and Verification of a Crypto-Agile Distributed
  • 2010
We present DKM, a distributed key management system. DKM implements a new data protection API. It manages cryptographic keys and policies on behalf of groups of users that share the data. To ensureExpand
High Assurance Policy-Based Key Management at Low Cost
A large scale policy-driven cryptographic key manager built with TPM security assurances is presented and the design principles and axioms, architecture and abstractions, security policy, and implementation are described. Expand
Dependability in cloud storage
This thesis proposed Mistore, a distributed storage system that is designed to ensure data availability, durability, low access latency, and data consistency by leveraging the Digital Subscriber Line (xDSL) infrastructure of an Internet Service Provider (ISP). Expand
Key Management for Cloud Data Storage: Methods and Comparisons
  • A. Buchade, Rajesh Ingle
  • Computer Science
  • 2014 Fourth International Conference on Advanced Computing & Communication Technologies
  • 2014
This paper comparesKey management methods, apply key management methods to various cloud environments and analyze symmetric key cryptography algorithms to protect sensitive information in Cloud. Expand
Management of Symmetric Cryptographic Keys in cloud based environment
  • F. Fakhar, M. A. Shibli
  • Computer Science
  • 2013 15th International Conference on Advanced Communications Technology (ICACT)
  • 2013
A technique that will manage symmetric cryptographic keys on cloud-based environment based on secret splitting technique enhanced Shamir's algorithm is presented and it is found out that the technique works efficiently. Expand
Security Agility Solution Independent of the Underlaying Protocol Architecture
The agile cryptographic negotiation protocol (ACNP) proposed in this paper provides minimal communication overhead and represents a universal and secure solution independent of the communication layer and application that uses it. Expand
Cryptographic Key Management for Smart Power Grids - Approaches and Issues
It was observed that many of the secure features are based on keys that must be maintained; therefore, secure key management techniques become the basis to securing the entire grid. Expand
Securing Private Keys in Electronic Health Records Using Session-Based Hierarchical Key Encryption
A session- based hierarchical key encryption system was developed that allows patient to have full control over certain nodes of their health records and demonstrates one way patients' privacy and security can improve using session-based hierarchical keyryption system for EHR. Expand
Secure communication for advance metering infrastructure in smart grid
The electrical power industry is in the process of integration with bidirectional information and power flow infrastructure commonly called smart grid. Advance metering infrastructure (AMI) is anExpand


Electronic key management system (EKMS)
  • R. Reininger
  • Computer Science
  • Proceedings of TCC'94 - Tactical Communications Conference
  • 1994
The paper provides an EKMS architecture overview, technical description of system components, program update, and tactical applications, and a data transfer device (DTD). Expand
Data Protection and Information Lifecycle Management
The Definitive Guide to Protecting Enterprise DataYour enterprise data is your most critical asset. If it's compromised, your business can be destroyed. Don't let that happen-leverage today'sExpand
Extensible Authentication Protocol (EAP) Key Management Framework
This document specifies the EAP key hierarchy and provides a framework for the transport and usage of keying material generated by EAP authentication algorithms, known as "methods", and also provides a system-level security analysis. Expand
The Secure Shell (SSH) Protocol Architecture
This document describes the architecture of the SSH protocol, as well as the notation and terminology used in SSH protocol documents, and discusses the SSH algorithm naming system that allows local extensions. Expand
The Kerberos Network Authentication Service (V5)
This document gives an overview and specification of Version 5 of the protocol for the Kerberos network authentication system, presently in production use at MIT's Project Athena, and at other Internet sites. Expand
The Transport Layer Security (TLS) Protocol Version 1.1
This document specifies Version 1.1 of the Transport Layer Security (TLS) protocol, which provides communications security over the Internet by allowing client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. Expand
Brewer's conjecture and the feasibility of consistent, available, partition-tolerant web services
This conjecture is proved in the asynchronous network model that it is impossible to achieve all three properties of a distributed web service: consistency, availability, and partition tolerance. Expand
Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate
A more flexible family of differential paths and a new variable birthdaying search space are described, leading to just three pairs of near-collision blocks to generate the collision, enabling construction of RSA moduli that are sufficiently short to be accepted by current CAs. Expand
The Internet Key Exchange (IKE)
ISAKMP ([MSST98]) provides a framework for authentication and key exchange but does not define them. ISAKMP is designed to be key exchange independant; that is, it is designed to support manyExpand
Towards Robust Distributed Systems (Invited Talk)
  • Principles of Distributed Computing,
  • 2000