你的云在我的公司:重新审视现代版权管理服务

2016 11th International Conference on Availability, Reliability and Security (ARES) Pub Date : 2016-08-01 DOI:10.1109/ARES.2016.69

M. Grothe, Christian Mainka, Paul Rösler, Johanna Jupke, Jan Kaiser, Jörg Schwenk

{"title":"你的云在我的公司:重新审视现代版权管理服务","authors":"M. Grothe, Christian Mainka, Paul Rösler, Johanna Jupke, Jan Kaiser, Jörg Schwenk","doi":"10.1109/ARES.2016.69","DOIUrl":null,"url":null,"abstract":"We provide a security analysis of modern Enterprise Rights Management (ERM) solutions and reveal security threats. We first take a look on Microsoft Azure, and discuss severe attack surfaces that companies enabling Azure in their own trusted infrastructure have to take care of. In addition, we analyze Tresorit, one of the most frequently used End-to-End encrypted cloud storage systems. Tresorit can use Azure and its Rights Management Services (RMS) module as an additional security layer: a user should be able to either trust Tresorit or Azure. Our systematic evaluation reveals a serious breach to their security architecture: we show that the whole security of Tresorit RMS relies on Tresorit being trusted, independent of trusting Azure.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Your Cloud in My Company: Modern Rights Management Services Revisited\",\"authors\":\"M. Grothe, Christian Mainka, Paul Rösler, Johanna Jupke, Jan Kaiser, Jörg Schwenk\",\"doi\":\"10.1109/ARES.2016.69\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We provide a security analysis of modern Enterprise Rights Management (ERM) solutions and reveal security threats. We first take a look on Microsoft Azure, and discuss severe attack surfaces that companies enabling Azure in their own trusted infrastructure have to take care of. In addition, we analyze Tresorit, one of the most frequently used End-to-End encrypted cloud storage systems. Tresorit can use Azure and its Rights Management Services (RMS) module as an additional security layer: a user should be able to either trust Tresorit or Azure. Our systematic evaluation reveals a serious breach to their security architecture: we show that the whole security of Tresorit RMS relies on Tresorit being trusted, independent of trusting Azure.\",\"PeriodicalId\":216417,\"journal\":{\"name\":\"2016 11th International Conference on Availability, Reliability and Security (ARES)\",\"volume\":\"28 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 11th International Conference on Availability, Reliability and Security (ARES)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2016.69\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 11th International Conference on Availability, Reliability and Security (ARES)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2016.69","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

我们提供现代企业权限管理(ERM)解决方案的安全分析，并揭示安全威胁。我们首先看一下微软Azure，并讨论在自己的可信基础设施中启用Azure的公司必须注意的严重攻击面。此外，我们还分析了最常用的端到端加密云存储系统之一treit。treresort可以使用Azure及其权限管理服务(RMS)模块作为额外的安全层:用户应该能够信任treresort或Azure。我们的系统评估显示，他们的安全架构存在严重漏洞:我们表明，treresort RMS的整体安全性依赖于treresort被信任，独立于受信任的Azure。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Your Cloud in My Company: Modern Rights Management Services Revisited

We provide a security analysis of modern Enterprise Rights Management (ERM) solutions and reveal security threats. We first take a look on Microsoft Azure, and discuss severe attack surfaces that companies enabling Azure in their own trusted infrastructure have to take care of. In addition, we analyze Tresorit, one of the most frequently used End-to-End encrypted cloud storage systems. Tresorit can use Azure and its Rights Management Services (RMS) module as an additional security layer: a user should be able to either trust Tresorit or Azure. Our systematic evaluation reveals a serious breach to their security architecture: we show that the whole security of Tresorit RMS relies on Tresorit being trusted, independent of trusting Azure.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 11th International Conference on Availability, Reliability and Security (ARES)

自引率

0.00%

发文量