Ownership-guaranteed security framework for the private data in the entrusted management environment

Abstract

In the environment like the Cloud computing or the picture archiving and communications systems (PACS) of the hospital, the user's data is stored in the storage of a third party. In such entrusted management environment, security is an important issue for the user's private data. The most basic solution is to encrypt user's private data. However, if the encryption key is directly managed by cloud service provider (CSP) or PACS service provider (PSP), there is latent threat when it comes to the data loss or leakage which may be committed by malicious insiders. The ownership-guaranteed security framework (OGSF) divides encryption key into a single mandatory fragment and multiple optional fragments while mandating user to store the mandatory fragment in the user's personal device and mandating CSP or PSP to manage the optional fragments. Because of this division of the management on the encryption key, the OGSF can resolve both threat from the malicious insider and the user's mistake in same time.