Main page Research activities Publications Talks MSc thesis projects Hobby and spare time Write me This site uses
Google Analytics
Last updated on
28 November 2017

Publication details

T. Cucinotta, D. Cherubini, E. Jul. "Confidential Domains of Execution," (to appear) in Bell Labs Technical Journal.

Abstract

Data confidentiality or Cloud Computing? A true dilemma worthy of Hamlet and a reality for users aiming to exploit computational services in the cloud. Sensitive data can be protected by encryption, but if any computation is to be performed in the cloud, then the decryption key must be available somewhere in the cloud infrastructure (there are techniques that circumvent this, but they are not as efficient). This implies that the cloud provider must be able to offer an unchallengeable level of trustworthiness both in its systems and in its employees. Multi-tenancy of cloud infrastructures adds a dimension of complexity to the problem: despite a provider trustworthiness, an attack might actually come from software hosted on behalf of other customers.

In this paper, we present Confidential Domain of Execution (CDE), a novel mechanism ensuring confidential execution of software in an otherwise untrusted environment. In our proposed solution, confidential data processing in the cloud can be achieved by an isolated execution environment (the CDE) where any communication with the outside untrusted world is forcibly encrypted. Inside a CDE, user's software does not need to be over- loaded with expensive cryptographic operations at every memory access or cache miss, as proposed in secure processor architectures, but it can compute on plain-text data at native speed. Ultimately, confidentiality relies on hardware-level mechanisms that cannot be circumvented, and all the software inside the confidential environment is provided by the end user. Therefore, the software Trusted Computing Base to be provided by the cloud provider to ensure confidentiality is reduced to zero.

The mechanism can be useful to overcome the challenging issues in guaranteeing confidential execution in virtualized infrastructures, including cloud computing and virtualized network functions, among other scenarios. With our proposal, confidential cloud computing can be ensured without requiring that users blindly trust the cloud provider nor any of its employees, and without the performance drawbacks typical of other solutions proposed in the literature for confidential computing in untrusted environments.

See paper on publisher website Download paper


Main page Research activities Publications Talks MSc thesis projects Hobby and spare time Write me Last updated on