KISS: "Key It Simple and Secure" corporate key management

Zongwei Zhou; Jun Han; Yue Hsun Lin; Adrian Perrig; Virgil Gligor

doi:10.1007/978-3-642-38908-5_1

KISS: "Key It Simple and Secure" corporate key management

Zongwei Zhou, Jun Han, Yue Hsun Lin, Adrian Perrig, Virgil Gligor

Department of Electrical and Electronic Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Citations (Scopus)

Abstract

Deploying a corporate key management system faces fundamental challenges, such as fine-grained key usage control and secure system administration. None of the current commercial systems (either based on software or hardware security modules) or research proposals adequately address both challenges with small and simple Trusted Computing Base (TCB). This paper presents a new key management architecture, called KISS, to enable comprehensive, trustworthy, user-verifiable, and cost-effective key management. KISS protects the entire life cycle of cryptographic keys. In particular, KISS allows only authorized applications and/or users to use the keys. Using simple devices, administrators can remotely issue authenticated commands to KISS and verify system output. KISS leverages readily available commodity hardware and trusted computing primitives to design system bootstrap protocols and management mechanisms, which protects the system from malware attacks and insider attacks.

Original language	English
Title of host publication	Trust and Trustworthy Computing - 6th International Conference, TRUST 2013, Proceedings
Pages	1-18
Number of pages	18
DOIs	https://doi.org/10.1007/978-3-642-38908-5_1
Publication status	Published - 2013
Event	6th International Conference on Trust and Trustworthy Computing, TRUST 2013 - London, United Kingdom Duration: 2013 Jun 17 → 2013 Jun 19

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	7904 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	6th International Conference on Trust and Trustworthy Computing, TRUST 2013
Country/Territory	United Kingdom
City	London
Period	13/6/17 → 13/6/19

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/978-3-642-38908-5_1

Cite this

Zhou, Z., Han, J., Lin, Y. H., Perrig, A., & Gligor, V. (2013). KISS: "Key It Simple and Secure" corporate key management. In Trust and Trustworthy Computing - 6th International Conference, TRUST 2013, Proceedings (pp. 1-18). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7904 LNCS). https://doi.org/10.1007/978-3-642-38908-5_1

@inproceedings{f01fb92ea0b440b9ab229b2caa79771e,

title = "KISS: {"}Key It Simple and Secure{"} corporate key management",

abstract = "Deploying a corporate key management system faces fundamental challenges, such as fine-grained key usage control and secure system administration. None of the current commercial systems (either based on software or hardware security modules) or research proposals adequately address both challenges with small and simple Trusted Computing Base (TCB). This paper presents a new key management architecture, called KISS, to enable comprehensive, trustworthy, user-verifiable, and cost-effective key management. KISS protects the entire life cycle of cryptographic keys. In particular, KISS allows only authorized applications and/or users to use the keys. Using simple devices, administrators can remotely issue authenticated commands to KISS and verify system output. KISS leverages readily available commodity hardware and trusted computing primitives to design system bootstrap protocols and management mechanisms, which protects the system from malware attacks and insider attacks.",

author = "Zongwei Zhou and Jun Han and Lin, {Yue Hsun} and Adrian Perrig and Virgil Gligor",

year = "2013",

doi = "10.1007/978-3-642-38908-5_1",

language = "English",

isbn = "9783642389078",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "1--18",

booktitle = "Trust and Trustworthy Computing - 6th International Conference, TRUST 2013, Proceedings",

note = "6th International Conference on Trust and Trustworthy Computing, TRUST 2013 ; Conference date: 17-06-2013 Through 19-06-2013",

}

Zhou, Z, Han, J, Lin, YH, Perrig, A & Gligor, V 2013, KISS: "Key It Simple and Secure" corporate key management. in Trust and Trustworthy Computing - 6th International Conference, TRUST 2013, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 7904 LNCS, pp. 1-18, 6th International Conference on Trust and Trustworthy Computing, TRUST 2013, London, United Kingdom, 13/6/17. https://doi.org/10.1007/978-3-642-38908-5_1

KISS: "Key It Simple and Secure" corporate key management. / Zhou, Zongwei; Han, Jun; Lin, Yue Hsun et al.
Trust and Trustworthy Computing - 6th International Conference, TRUST 2013, Proceedings. 2013. p. 1-18 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7904 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - KISS

T2 - 6th International Conference on Trust and Trustworthy Computing, TRUST 2013

AU - Zhou, Zongwei

AU - Han, Jun

AU - Lin, Yue Hsun

AU - Perrig, Adrian

AU - Gligor, Virgil

PY - 2013

Y1 - 2013

N2 - Deploying a corporate key management system faces fundamental challenges, such as fine-grained key usage control and secure system administration. None of the current commercial systems (either based on software or hardware security modules) or research proposals adequately address both challenges with small and simple Trusted Computing Base (TCB). This paper presents a new key management architecture, called KISS, to enable comprehensive, trustworthy, user-verifiable, and cost-effective key management. KISS protects the entire life cycle of cryptographic keys. In particular, KISS allows only authorized applications and/or users to use the keys. Using simple devices, administrators can remotely issue authenticated commands to KISS and verify system output. KISS leverages readily available commodity hardware and trusted computing primitives to design system bootstrap protocols and management mechanisms, which protects the system from malware attacks and insider attacks.

AB - Deploying a corporate key management system faces fundamental challenges, such as fine-grained key usage control and secure system administration. None of the current commercial systems (either based on software or hardware security modules) or research proposals adequately address both challenges with small and simple Trusted Computing Base (TCB). This paper presents a new key management architecture, called KISS, to enable comprehensive, trustworthy, user-verifiable, and cost-effective key management. KISS protects the entire life cycle of cryptographic keys. In particular, KISS allows only authorized applications and/or users to use the keys. Using simple devices, administrators can remotely issue authenticated commands to KISS and verify system output. KISS leverages readily available commodity hardware and trusted computing primitives to design system bootstrap protocols and management mechanisms, which protects the system from malware attacks and insider attacks.

UR - http://www.scopus.com/inward/record.url?scp=84884658327&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84884658327&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-38908-5_1

DO - 10.1007/978-3-642-38908-5_1

M3 - Conference contribution

AN - SCOPUS:84884658327

SN - 9783642389078

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 1

EP - 18

BT - Trust and Trustworthy Computing - 6th International Conference, TRUST 2013, Proceedings

Y2 - 17 June 2013 through 19 June 2013

ER -

Zhou Z, Han J, Lin YH, Perrig A, Gligor V. KISS: "Key It Simple and Secure" corporate key management. In Trust and Trustworthy Computing - 6th International Conference, TRUST 2013, Proceedings. 2013. p. 1-18. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-38908-5_1

KISS: "Key It Simple and Secure" corporate key management

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this