Skip to Main Content
Confidential data stored on mass storage devices is at risk to be disclosed to persons getting physical or administrator access to the device. Encrypting the data reduces this risk, at the cost of more cumbersome administration. In this publication, we examine the problem of encrypted data storage in a grid computing environment, where storage capacity and data is shared across organizational boundaries. We propose an architecture that allows users to store and share encrypted data in this environment. Access to decryption keys is granted based on the grids data access permissions. The system is therefore usable as an additional security feature together with a classical access control mechanism. Data owners can choose different tradeoffs of security versus efficiency. Storage servers need not to be trusted and common access control models are supported.