FADETPM: Novel approach of file assured deletion based on trusted platform module

Abstract

Cloud Computing is emerging as a dominant approach for delivering services that encompasses a range of business and technical opportunities. However, users concerns are beginning to grow about the security and the privacy of their data. Assured deletion of data hosted in cloud providers platforms is on top of these concerns since all implemented solutions are proposed and totally controlled by the cloud services providers companies. Cryptographic based techniques, foremost among them File Assured Deletion (FADE), are a promising solution for addressing this issue. FADE achieves assured deletion of files by making them unrecoverable to anybody, including those who manage the cloud storage, upon revocations of file access policies, by encrypting all data files before outsourcing, and then using a trusted third party to outsource the cryptographic keys. Unfortunately, this system remains weak since its security relies entirely on the security of the key manager. In this chapter, we propose a new scheme that aims to improve the security of FADE by using the TPM (Trusted Platform Module). Implemented carefully in the hardware, the TPM is resistant to software attacks and hence it can allow our scheme to store safely keys, passwords and digital certificates on behalf of the cloud user. A prototype implementation of the proposed scheme shows that it provides a value-added security layer compared to FADE with a less overhead computational time.