Layered Security for Storage at the Edge: On Decentralized Multi-factor Access Control
In this paper we propose a protocol that allows end-users in a decentralized setup (without requiring any trusted third party) to protect data shipped to remote servers using two factors - knowledge (passwords) and possession (a time based one time password generation for authentication) that is por...
Saved in:
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2017
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/81018 http://hdl.handle.net/10220/43444 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-81018 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-810182020-03-07T11:48:45Z Layered Security for Storage at the Edge: On Decentralized Multi-factor Access Control Esiner, Ertem Datta, Anwitaman School of Computer Science and Engineering Proceedings of the 17th International Conference on Distributed Computing and Networking (ICDCN '16) Layered security Multi-factor access control In this paper we propose a protocol that allows end-users in a decentralized setup (without requiring any trusted third party) to protect data shipped to remote servers using two factors - knowledge (passwords) and possession (a time based one time password generation for authentication) that is portable. The protocol also supports revocation and recreation of a new possession factor if the older possession factor is compromised, provided the legitimate owner still has a copy of the possession factor. Furthermore, akin to some other recent works, our approach naturally protects the outsourced data from the storage servers themselves, by application of encryption and dispersal of information across multiple servers. We also extend the basic protocol to demonstrate how collaboration can be supported even while the stored content is encrypted, and where each collaborator is still restrained from accessing the data through a multi-factor access mechanism. Such techniques achieving layered security is crucial to (opportunistically) harness storage resources from untrusted entities. MOE (Min. of Education, S’pore) Accepted version 2017-07-26T02:26:29Z 2019-12-06T14:19:40Z 2017-07-26T02:26:29Z 2019-12-06T14:19:40Z 2016 Conference Paper Esiner, E., & Datta, A. (2016). Layered Security for Storage at the Edge: On Decentralized Multi-factor Access Control. Proceedings of the 17th International Conference on Distributed Computing and Networking, 9-. https://hdl.handle.net/10356/81018 http://hdl.handle.net/10220/43444 10.1145/2833312.2833452 en © 2016 ACM. This is the author created version of a work that has been peer reviewed and accepted for publication by Proceedings of the 17th International Conference on Distributed Computing and Networking, ACM. It incorporates referee’s comments but changes resulting from the publishing process, such as copyediting, structural formatting, may not be reflected in this document. The published version is available at: [http://dx.doi.org/10.1145/2833312.2833452]. 10 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| country |
Singapore |
| collection |
DR-NTU |
| language |
English |
| topic |
Layered security Multi-factor access control |
| spellingShingle |
Layered security Multi-factor access control Esiner, Ertem Datta, Anwitaman Layered Security for Storage at the Edge: On Decentralized Multi-factor Access Control |
| description |
In this paper we propose a protocol that allows end-users in a decentralized setup (without requiring any trusted third party) to protect data shipped to remote servers using two factors - knowledge (passwords) and possession (a time based one time password generation for authentication) that is portable. The protocol also supports revocation and recreation of a new possession factor if the older possession factor is compromised, provided the legitimate owner still has a copy of the possession factor. Furthermore, akin to some other recent works, our approach naturally protects the outsourced data from the storage servers themselves, by application of encryption and dispersal of information across multiple servers. We also extend the basic protocol to demonstrate how collaboration can be supported even while the stored content is encrypted, and where each collaborator is still restrained from accessing the data through a multi-factor access mechanism. Such techniques achieving layered security is crucial to (opportunistically) harness storage resources from untrusted entities. |
| author2 |
School of Computer Science and Engineering |
| author_facet |
School of Computer Science and Engineering Esiner, Ertem Datta, Anwitaman |
| format |
Conference or Workshop Item |
| author |
Esiner, Ertem Datta, Anwitaman |
| author_sort |
Esiner, Ertem |
| title |
Layered Security for Storage at the Edge: On Decentralized Multi-factor Access Control |
| title_short |
Layered Security for Storage at the Edge: On Decentralized Multi-factor Access Control |
| title_full |
Layered Security for Storage at the Edge: On Decentralized Multi-factor Access Control |
| title_fullStr |
Layered Security for Storage at the Edge: On Decentralized Multi-factor Access Control |
| title_full_unstemmed |
Layered Security for Storage at the Edge: On Decentralized Multi-factor Access Control |
| title_sort |
layered security for storage at the edge: on decentralized multi-factor access control |
| publishDate |
2017 |
| url |
https://hdl.handle.net/10356/81018 http://hdl.handle.net/10220/43444 |
| _version_ |
1681035450554253312 |