WO2011141579A3 - System and method for providing security for cloud computing resources using portable security devices - Google Patents
System and method for providing security for cloud computing resources using portable security devices
- Publication number
- WO2011141579A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- cloud computing
- key
- portable security
- request
- host computer
- Prior art date
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/123—Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Signal Processing (AREA)
- Remote Sensing (AREA)
- Radar, Positioning & Navigation (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Storage Device Security (AREA)
Abstract
A system, method, portable security device, and associated computer programs for secure key exchange, key storage, and key usage to secure a cloud computing system having a cloud computing service hosting computing resources and providing means for accessing the resources through a network, a host computer and a portable security device connected to the host computer. The method includes associating a first key with a first computing resource hosted on the cloud computing service and storing the first key on the portable security device. A host computer is operated to request the portable security device to sign a request to access the first computing resource using the first key. The signed request to access the first computing resource is transmitted from the host computer to the cloud computing service. The cloud computing service is operated to verify the signature on the request as corresponding to the first key.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US34500910P | 2010-05-14 | 2010-05-14 | |
US61/345,009 | 2010-05-14 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2011141579A2 (en) | 2011-11-17 |
WO2011141579A3 (en) | 2012-01-05 |
Family
ID=44343942
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2011/057871 (WO2011141579A2) | System and method for providing security for cloud computing resources using portable security devices | 2010-05-14 | 2011-05-16 |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2011141579A2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103843303B (en) * | 2012-11-22 | 2017-03-29 | 华为技术有限公司 | The management control method and device of virtual machine, system |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2702724B1 (en) * | 2011-04-26 | 2017-03-29 | Telefonaktiebolaget LM Ericsson (publ) | Secure virtual machine provisioning |
CN102347957A (en) * | 2011-11-18 | 2012-02-08 | 王鑫 | Cloud network admission identifying system and admission identifying technology |
CN102790799B (en) * | 2012-06-05 | 2015-01-21 | 电子科技大学 | Resource downloading method based on cloud security service |
US9497194B2 (en) * | 2013-09-06 | 2016-11-15 | Oracle International Corporation | Protection of resources downloaded to portable devices from enterprise systems |
EP2953290A1 (en) * | 2014-06-06 | 2015-12-09 | Gemalto SA | Management of high number of unique keys by a secure element |
US9832024B2 (en) | 2015-11-13 | 2017-11-28 | Visa International Service Association | Methods and systems for PKI-based authentication |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1349031A1 (en) * | 2002-03-18 | 2003-10-01 | Ubs Ag | Secure user and data authentication over a communication network |
US20040088545A1 (en) * | 2002-10-31 | 2004-05-06 | Foster Ward Scott | Secure resource |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7748609B2 (en) | 2007-08-31 | 2010-07-06 | Gemalto Inc. | System and method for browser based access to smart cards |
-
2011
- 2011-05-16 WO PCT/EP2011/057871 patent/WO2011141579A2/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2011141579A2 (en) | 2011-11-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2011141579A3 (en) | System and method for providing security for cloud computing resources using portable security devices | |
WO2012024420A3 (en) | Viral offers | |
WO2010105246A3 (en) | Accessing resources based on capturing information from a rendered document | |
WO2010135108A3 (en) | Portable secure computing network | |
WO2009145987A3 (en) | System, method, and apparatus for single sign-on and managing access to resources across a network | |
WO2013003265A3 (en) | Persistent key access to a resources in a collection | |
WO2014036540A3 (en) | Network service system and method with off-heap caching | |
WO2012094205A3 (en) | Methods and systems for providing a signed digital certificate in real time | |
WO2009102915A3 (en) | Systems and methods for secure handling of secure attention sequences | |
WO2012024118A3 (en) | Apparatus and method for managing software applications using partitioned data storage devices | |
GB201010546D0 (en) | Method of indentity verification | |
WO2013106094A3 (en) | System and method for device registration and authentication | |
WO2014059438A3 (en) | Verifying the geographic location of a workload in a cloud computing environment | |
WO2012024508A3 (en) | Systems and methods for securing virtual machine computing environments | |
IN2014DN09465A (en) | ||
MX345061B (en) | Method, one or more computer-readable non-transitory storage media and a device, in particular relating to computing resources and/or mobile-device-based trust computing. | |
CA2832447C (en) | Document management system using printer emulation | |
WO2010103466A3 (en) | Integrity verification using a peripheral device | |
MX339108B (en) | Systems, methods, and computer program products for interfacing multiple service provider trusted service managers and secure elements. | |
MX2011012671A (en) | Trusted integrity manager (tim). | |
MX362308B (en) | Method and system for verifying an access request. | |
WO2013081983A3 (en) | Migrating authenticated content towards content consumer | |
WO2012177581A3 (en) | Virtual identity manager | |
EP2505021A4 (en) | Method, apparatus and system for accessing an application across a plurality of computers | |
MX2016006056A (en) | Solar charger energy management and monitoring system. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the EPO has been informed by WIPO that EP was designated in this application | Ref document number: 11730236; Country of ref document: EP; Kind code of ref document: A2 |
 | NENP | Non-entry into the national phase | Ref country code: DE |
 | 122 | Ep: PCT application non-entry in European phase | Ref document number: 11730236; Country of ref document: EP; Kind code of ref document: A2 |