-
Secure Cloud Storage with Client-Side Encryption Using a Trusted Execution Environment
Authors:
Marciano da Rocha,
Dalton Cézane Gomes Valadares,
Angelo Perkusich,
Kyller Costa Gorgonio,
Rodrigo Tomaz Pagno,
Newton Carlos Will
Abstract:
With the evolution of computer systems, the amount of sensitive data to be stored, as well as the number of threats to these data, grows, making data confidentiality increasingly important to computer users. Currently, with devices always connected to the Internet, the use of cloud data storage services has become practical and common, allowing quick access to such data wherever the user is. Such practicality brings with it a concern, precisely the confidentiality of the data which is delivered to third parties for storage. In the home environment, disk encryption tools have gained special attention from users, being used on personal computers and also having native options in some smartphone operating systems. The present work uses data sealing, a feature provided by the Intel Software Guard Extensions (Intel SGX) technology, for file encryption. A virtual file system is created in which applications can store their data, keeping the security guarantees provided by the Intel SGX technology, before sending the data to a storage provider. This way, even if the storage provider is compromised, the data are safe. To validate the proposal, the Cryptomator software, which is a free client-side encryption tool for cloud files, was integrated with an Intel SGX application (enclave) for data sealing. The results demonstrate that the solution is feasible, in terms of performance and security, and can be expanded and refined for practical use and integration with cloud synchronization services.
Submitted 9 March, 2020;
originally announced March 2020.
-
802.11g Signal Strength Evaluation in an Industrial Environment
Authors:
Dalton Cézane Gomes Valadares,
Joseana Macêdo Fechine Régis de Araújo,
Marco Aurélio Spohn,
Angelo Perkusich,
Kyller Costa Gorgônio,
Elmar Uwe Kurt Melcher
Abstract:
The advances in wireless network technologies and Industrial Internet of Things (IIoT) devices are easing the establishment of what is called Industry 4.0. For the industrial environments, the wireless networks are more suitable mainly due to their great flexibility, low deployment cost and for being less invasive. Although new wireless protocols are emerging or being updated, changes in existing industries generally can lead to large expenditures. As the well known and accepted IEEE 802.11g standard, mostly used in residential and commercial applications, has a low deployment and maintenance cost, many industries also decide to adopt it. In this scenario, there is a need to evaluate the signal quality to better design the network infrastructure in order to obtain good communication coverage. In this work, we present a practical study about the 802.11g signal strength in a thermoelectric power plant. We collected signal strength values in different points along the engine room and compared our measured values with the estimated ones through the Log-Distance Path Loss model. We concluded that it is possible to use this model in an industrial environment to estimate signal strength with a low error by choosing the right propagation (path loss) exponent.
Submitted 7 January, 2020;
originally announced January 2020.
-
Achieving Data Dissemination with Security using FIWARE and Intel Software Guard Extensions (SGX)
Authors:
Dalton Cézane Gomes Valadares,
Matteus Sthefano Leite da Silva,
Andrey Elísio Monteiro Brito,
Ewerton Monteiro Salvador
Abstract:
The Internet of Things (IoT) field has gained much attention from industry and academia, being the main subject for numerous research and development projects. Frequently, the dense amount of generated data from IoT applications is sent to a cloud service that is responsible for processing and storage. Many of these applications demand security and privacy for their data because of their sensitive nature. This is especially true when such data must be processed in entities hosted in public clouds, where the environment in which applications run may not be trusted. Some concerns are then raised since it is not trivial to provide the needed protection for these sensitive data. We present a solution that considers the security components of FIWARE and the Intel SGX capabilities. FIWARE is a platform created to support the development of Smart Applications, including IoT systems, and SGX is the Intel solution for Trusted Execution Environment (TEE). We propose a new component for key management that, together with other FIWARE components, can be used to provide privacy, confidentiality, and integrity guarantees for IoT data. A case study illustrates how this proposed solution can be employed in a realistic scenario, which allows the dissemination of sensitive data through public clouds without risking privacy issues. The results of the experiments provide evidence that our approach does not harm scalability or availability of the system. In addition, it presents acceptable memory costs when considering the benefit of the privacy guarantees achieved.
Submitted 5 June, 2018;
originally announced June 2018.