Limited Use Cryptographic Tokens in Securing Ephemeral Cloud Servers

Gautam Kumar, Brent Lagesse

2017

Abstract

Many enterprises and consumers today are dependent on services deployed on Infrastructure as a Service (IaaS) cloud providers. Such cloud deployments can have hundreds of virtual servers running. Each virtual server needs to have access to sensitive information such as database passwords and API keys. In such a scenario, verifying that a large number of servers have not been compromised is an arduous task. In this paper we propose an architecture which limits the extent to which an attacker can exploit a compromised server in a large-scale cloud deployment. To achieve such a limitation we propose the use of hash chains as an authentication mechanism for virtual servers, with a Central Trusted Authority (CTA) acting as a proxy to sensitive resources. This architecture shifts the requirement of security validation from hundreds of public-facing servers to a few servers without public interfaces which comprise the CTA. Since hash chains offer an inherent limitation in their use, our architecture leans towards using ephemeral virtual servers, thus also providing a moving target defence.
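The following sketch is an added example, not code from the paper: it shows how a hash chain gives a virtual server a fixed number of single-use tokens that a CTA can verify while storing only the last accepted value. The abstract does not give protocol details, so a classic Lamport-style chain over SHA-256 is assumed, and the names `ServerTokens`, `CTA`, `authorize` and `vm-1` are hypothetical.

```python
import hashlib
import hmac


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


class ServerTokens:
    """Held by the virtual server: releases chain values in reverse order."""

    def __init__(self, seed: bytes, uses: int):
        # Chain is h^1(seed) .. h^(uses+1)(seed); the last value is the anchor.
        self._chain = []
        value = seed
        for _ in range(uses + 1):
            value = h(value)
            self._chain.append(value)
        self.anchor = self._chain.pop()  # registered with the CTA at provisioning

    def next_token(self) -> bytes:
        if not self._chain:
            # Inherent use limit: the server must be replaced, not refilled.
            raise RuntimeError("hash chain exhausted")
        return self._chain.pop()


class CTA:
    """Assumed verifier: keeps one hash per server, never the seed."""

    def __init__(self):
        self._last = {}

    def register(self, server_id: str, anchor: bytes) -> None:
        self._last[server_id] = anchor

    def authorize(self, server_id: str, token: bytes) -> bool:
        expected = self._last.get(server_id)
        if expected is None or not hmac.compare_digest(h(token), expected):
            return False  # unknown server, forged token, or replayed token
        self._last[server_id] = token  # advance: this token is now spent
        return True


if __name__ == "__main__":
    server = ServerTokens(b"constructed-sample-seed", uses=3)
    cta = CTA()
    cta.register("vm-1", server.anchor)
    token = server.next_token()
    print(cta.authorize("vm-1", token))  # first use is accepted
    print(cta.authorize("vm-1", token))  # replay of the same token is rejected
```

A token captured in transit is useless after the CTA has accepted it, and a compromised server can yield at most the tokens remaining in its chain.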


Paper Citation


in Harvard Style

Kumar G. and Lagesse B. (2017). Limited Use Cryptographic Tokens in Securing Ephemeral Cloud Servers. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-209-7, pages 447-454. DOI: 10.5220/0006208704470454

in Bibtex Style

@conference{icissp17,
author={Gautam Kumar and Brent Lagesse},
title={Limited Use Cryptographic Tokens in Securing Ephemeral Cloud Servers},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2017},
pages={447-454},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006208704470454},
isbn={978-989-758-209-7},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Limited Use Cryptographic Tokens in Securing Ephemeral Cloud Servers
SN - 978-989-758-209-7
AU - Kumar G.
AU - Lagesse B.
PY - 2017
SP - 447
EP - 454
DO - 10.5220/0006208704470454