Coprotect: Collaborative Management Of Cryptographic Keys For Data Security In Cloud Systems

Cryptography key management system plays a very central role in the cloud data security. Nonetheless, a great part of the current commercial solutions rely on cloud providers that hold both the encrypted data and the related private master key of their served customers in their secure key vaults, having a de-facto total control on their customer digital assets. Conversely, entrusting customer companies for key holding can be dangerous as witnessed by many cases of key loss or theft. In this work we present CoProtect, a novel architecture to protect the cryptography keys in cloud systems that leverage on the cooperation between the cloud provider and the customer company. With such trust model, we present the proposed data management strategy, the key generation and the crypto procedures, and a proof of concept.