IBM Lotus Domino and Notes Information Center.
Microsoft Technet (March 3, 2003), Web (February 18, 2014) What Are CA Certificates? Technet Library. Michael Froomkin: The Essential Role of Trusted Third Parties in Electronic Commerce. Synalyze It! Reverse Engineering and Binary File Analysis Made Easy. Telerik (2002), Web (February 18, 2014)ĪndroChef Java Decompiler. Wireshark Foundation (1998), Web (February 18, 2014) Hacker 10 Security Hacker (September 12, 2013), Web (February 18, 2014) List of Non USA Cloud Storage Services with Client Side Encryption. List of USA Cloud Storage Services with Client Side Encryption. In: 7th USENIX Workshop on Offensive Technologies (2013) Kholia, D., Wegrzyn, P.: Looking inside the (Drop) Box. In: Peer to Peer IEEE International Conference Proceedings, pp. Mager, T., Biersack, E., Michiardi, P.: A Measurement Study of the Wuala On-line Storage Service. Fraunhofer-Verl., Stuttgart (2012) (print) Tresorit (2014), Web (February 06, 2014)īorgmann, M., Waidner, M.: On the Security of Cloud Storage Services. 100% Private Online Backup, Sync & Sharing. SearchStorage (February 2009), Web (February 06, 2014) National Institute of Standards and Technology (December 02, 2011), Web (February 06, 2014) This process is experimental and the keywords may be updated as the learning algorithm improves.īohn, R.: NIST Cloud Computing Program.
These keywords were added by machine and not by the authors. The solutions proposed are a combination of best practices associated with the use of PKI and other cryptographic primitives generally accepted for protecting the confidentiality of shared information. We have collated our analysis and findings in this paper and explore some potential solutions to address these weaknesses in these sharing methods. In this capacity, they assume the role of both certificate issuer and certificate authorizer as denoted in a Public-Key Infrastructure (PKI) scheme - which gives them the ability to view user data contradicting their claims of 100% data confidentiality. The weaknesses we uncovered primarily center around the fact that the cloud providers we evaluated (Wuala, Tresorit, and Spider Oak) were each operating in a Certificate Authority capacity to facilitate data sharing.
#Wuala storage code#
Through a combination of a Network and Source Code Analysis, this paper seeks to identify weaknesses in the third model, as it claims to offer 100% user data confidentiality throughout all data transactions. Three models exist amongst SaaS providers for protecting the confidentiality of data stored in the cloud: 1) no encryption (data is stored in plain text), 2) server-side encryption (data is encrypted once uploaded), and 3) client-side encryption (data is encrypted prior to upload). SaaS (different than Software-as-a-Service in this context) refers to an architectural model in which a cloud provider provides digital storage on their own infrastructure. With the advent of cloud computing, a number of cloud providers have arisen to provide Storage-as-a-Service (SaaS) offerings to both regular consumers and business organizations.
0 kommentar(er)
