Design and implementation of a collaborative secure storage solution

Abstract: In the modern enterprises it is common that support and maintenance of IT environments are outsourced to third parties. In this setting, unencrypted confidential data may pose a problem since administrators maintaining the outsourced system can access confidential information if stored unencrypted. This thesis work, performed at ELITS, presents a solution to this problem; a design of a collaborative storage system where all files at rest (i.e. stored on disk) and in transit remain encrypted is proposed. The design uses a hybrid encryption scheme to protect the encryption keys used. The keys can safely be stored in a centralized database as well as sent to the clients without risk of unauthorized parties gaining access to the stored data. The design was also implemented as a proof of concept in order to establish that it was possible to realize.