Today, major IT-companies, such as Microsoft, Amazon and Google, are offering online storage services to their customers. This is a favourable solution -- as opposed to regular storage -- in terms of low costs, reliability, scalability and capacity. However, important security features such as data privacy and integrity are often absent.To address these issues, a cryptographic architecture is proposed that ensures the confidentiality and integrity of the data stored by users, independent of the trust of the provider. This includes secure sharing of private data among users of the same service.The underlying cryptographic architecture is based on existing open source systems and cryptographic primitives. The architecture was implemented as a reusable general library in Java. An Android client was created, and several performance tests were conducted. The proof of concept system shows that it is possible to implement the proposed scheme, and that the cryptographic operations does not significantly affect the user experience on an Android device. Possible weaknesses of the scheme are identified.We present a scheme for secure storage and sharing of files on an untrusted server, and argue for its validity. To support streaming functionality, the scheme could be extended with hash trees to validate small parts of a file at the time.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:ntnu-13812 |
| Date | January 2011 |
| Creators | Haver, Eirik, Melvold, Eivind, Ruud, Pål |
| Publisher | Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, Institutt for telematikk |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0021 seconds