Presently the plug server is widely used in different parts of the world as a replacement to the heavy computing machines that the cloud computing offers or the highly scalable machines in the data center. This also adds to a lot of onus on protecting the data stored within the plug server. The plug server only has a username/password login mechanism to securely get access to the data stored on it.
The data from one plug server can be physically swapped into another plug server and made readable to the end user. This makes it vulnerable to theft or even damaging the data stored on the plug.
Though there exists solutions to address the problem of protecting the data at rest on the physical server or a virtual machine which is always connected to the internet, that mechanism involves having a key server which is always connected to the internet as well and ideally located in the same data center as the Virtual Machine. There is also a solution as mentioned in Publication number: WO2014042512 A1 titled ‘Management of storage encryption over network-based elastic block store volume’, which describes the protecting the data stored on a cloud based block store, but there is no solution that discusses the use of a physical key to securely decrypt the data stored on a plug server when it is disconnected from the internet, and make the data usable to the user.
Therefore, there is a need for a solution that will encrypt the data as it is stored on the plug server and then upon presenting the right set of decryption keys it can then securely decrypt the data during the plug server startup process without the plug being connected to the internet.
Furthermore, this solution should also withstand attacks external users who can clone the key file into another new key file by cloning the keys and using them to access the data on the plug server. This will then make the plug secure against any sort of theft as well as if the plug server is stolen in the field of use, it can still keep the data secure as it cannot be read without the correct set of key files.