IACR News item: 27 June 2023
Syed Zair Abbas, Mudassar Aslam
ePrint Report
With the advancement in technology, Cloud computing always amazes the world with revolutionizing solutions that automate and
simplify complex computational tasks. The advantages like no maintenance cost, accessibility, data backup, pay-per-use models,
unlimited storage, and processing power encourage individuals and businesses to migrate their workload to the cloud. Despite the
numerous advantages of cloud computing, the geolocation of data in the cloud environment is a massive concern, which relates to
the performance and government legislation that will be applied to data. The unclarity of data geolocation can cause compliance
concerns. In this work, we have presented a technique that will allow users to restrict the geolocation of their data in the cloud
environment. We have used trusted computing mechanisms to attest the host and its geolocation remotely. With this model, the
user will upload the data whose decryption key will be shared with a third-party attestation server only. The decryption key will be
sealed to the TPM of the host after successful attestation guaranteeing the authorized geolocation and platform state.
Additional news items may be found on the IACR news page.