Julie Arteza
01 January 2016
31 December 2018
SecureCloud addresses the confidentiality, integrity and availability of applications executed in the cloud. Data at rest or in transit on the network is already nowadays protected by encryption. The main problem that we face is how to ensure the confidentiality of data while being processed. Our approach is based on upcoming hardware extensions of commodity CPUs like Intel's Secure Guard Extensions (SGX). By the help of these hardware extensions, we reduce the trusted computing base dramatically by excluding from it the millions of lines of source code of the cloud stack, operating systems and hypervisor. This permits us to ensure the confidentiality of computations even if the computers are under a different administrative control (like a cloud provider) or there is no physical security of the computers. Moreover, we ensure the confidentiality even if attackers would take control of the cloud stack, the hypervisor or the operating systems. As long as the hardware extensions of the CPU can be trusted, we can ensure the confidentiality of the computations.
SecureCloud focuses on ensuring the confidential and dependable processing of Big Data. To keep the trusted computing base small, we use the concept of microservices: only the application logic that processes data (e.g., operators) is protected while all functionality that, e.g., shuffles and stores encrypted data is outside the trusted computing base. By monitoring the microservices, we can restart services that run on compromised hosts. We will evaluate and demonstrate our approach in the context of smart grids. In this use case context, we need to run across a physically distributed computing infrastructure with no or little physical security and partly untrusted administrators. We need to process large volumes of data and this big data processing would benefit by partial offloading into the cloud. In SecureCloud, we will show how to do this in a secure fashion even if clouds are untrusted.
Are you looking for new Cybersecurity or Privacy services?
Find the right solution for your security needs!
To to improve the Open Rotor and UHBR Fan broadband noise prediction by using high-fidelity Large-Eddy Simulation (LES).
Ecosystem of cloud facilities characterized by superior security guarantees, providing protection from attacks by privileged users (e.g. the cloud provider or the system administrator) and software (e.g. the hypervisor).
Cyberwatching.eu has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 740129. The content of this website does not represent the opinion of the European Commission, and the European Commission is not responsible for any use that might be made of such content. Privacy Policy | Disclaimer / Terms and Conditions of Use