Implementation of Secure Storage Using Full Disk Encryption and Tamper Proof Methods on Cloud Storage

Authors

  • Barok Rizqi Badan Siber dan Sandi Negara
  • Andriani Adi Lestari Politeknik Siber dan Sandi Negara

DOI:

https://doi.org/10.56706/ik.v17i1.66

Keywords:

VPN, Cloud storage, LUKS full disk encryption

Abstract

Storage development has shifted to internet-based storage, or cloud storage, as an online storage medium. Cloud storage is becoming more popular among the public because of several advantages, including the fact that when the storage on a personal computer runs out, users do not need to purchase new storage devices or incur additional costs for device maintenance. However, using such online storage can increase risks such as unauthorized access, data leakage, exposure of sensitive data, and violations of privacy rights. This study proposes a prototype secure personal cloud storage system with physical database protection. The device uses full disk encryption to secure data on the server, a VPN to secure communication between user and server, and a tamper proof mechanism to physically secure the database. The test results show that implementing secure storage affects the performance of cloud storage, as evidenced by the decrease in data write speed from 19.87 Mb/s to 15.75 Mb/s after LUKS full disk encryption was implemented. On the data transmission side, OpenVPN can secure the transmission between the user and the server. This is evidenced by sniffing tests with Wireshark, which show that the data transmission is encapsulated by OpenVPN. Unit testing carried out on LUKS proved that the number of LUKS version 2 key slots corresponds to the reference, which is a maximum of 32 key slots. The last test proves that the tamper proof mechanism works as expected: it triggers when the device detects an indication of an attack on the physical device. The tests carried out were destroying the device casing with a hammer, opening the casing bolt, and using a saw. The test results show that the device damages the SSD when the attack indication exceeds the tolerance value.

Submitted

15-11-2022

Accepted

23-05-2023

Published

31-05-2023

Issue

Section

Articles