Abstract | ||
---|---|---|
We provide a security analysis of modern Enterprise Rights Management (ERM) solutions and reveal security threats. We first take a look on Microsoft Azure, and discuss severe attack surfaces that companies enabling Azure in their own trusted infrastructure have to take care of. In addition, we analyze Tresorit, one of the most frequently used End-to-End encrypted cloud storage systems. Tresorit can use Azure and its Rights Management Services (RMS) module as an additional security layer: a user should be able to either trust Tresorit or Azure. Our systematic evaluation reveals a serious breach to their security architecture: we show that the whole security of Tresorit RMS relies on Tresorit being trusted, independent of trusting Azure. |
Year | Venue | Field |
---|---|---|
2016 | ARES | Internet privacy,Computer security,Computer science,Encryption,Security analysis,Rights management,Enterprise information security architecture,Cloud storage,Cloud computing |
DocType | Citations | PageRank |
Conference | 0 | 0.34 |
References | Authors | |
0 | 6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Martin Grothe | 1 | 2 | 2.50 |
christian mainka | 2 | 66 | 10.80 |
Paul Rösler | 3 | 3 | 2.88 |
Johanna Jupke | 4 | 0 | 0.34 |
Jan Kaiser | 5 | 0 | 0.68 |
Jörg Schwenk | 6 | 899 | 88.54 |