Humboldt-Universität zu Berlin - Mathematisch-Naturwissenschaftliche Fakultät - Institut für Informatik

Verteidigung Masterarbeit Erik Nellessen

  • Wann 07.09.2016 von 09:05 bis 10:30
  • Wo 12489 Berlin, Rudower Chaussee 25, Haus III, Raum 113
  • iCal

Herr Erik Nellessen verteidigt seine Masterarbeit zum Thema "Transparency and Security for Client-Side Encrypting Cloud Storage Applications"


Abstract:

Cloud storage applications are wide-spread in these days. They provide availability and reliability for their users’ data. In the status quo, most users do not use client-side encrypting cloud storage applications. That means that their files are transferred to the cloud storage as plaintext. Because of that, cloud storage providers are able to read those files. The privacy of the cloud storage users cannot be guaranteed. At the same time, we witness extensive surveillance of digital communication by secret services. Even if the cloud storage providers respect their users’ privacy, secret services can make them release their users’ data. This is why we have to do client-side encryption to protect our privacy. That means that the users’ files are encrypted before they are transferred to the cloud storage. We discuss what has to be considered when designing a client-side encrypted cloud storage system.

While doing this, we also focus on usability. This includes integrating our solution transparently. That means that users can still use the cloud storage application they are familiar with. They do not have to get used to another application. Many users

use proprietary software to access their cloud storage. We show how it can be confined in order to prevent it from harming the users’ privacy.

Lastly, we add a token to our system. A token is a small device, e.g. a smartcard or a smartphone. It contains a secret needed for the decryption of the user’s files. The user can use the token to decrypt the cloud storage files on any PC system. A token can increase availability of the data and add security and usability to the system. We point out what has to be considered to provide a significant gain in security when integrating the token into the system. At the same time, we describe ways to provide usability in our solution. Ultimately, we describe measures to help people to enjoy the comfort of cloud storages while preserving their privacy.

 

Alle Interessierten sind herzlich eingeladen.