In this paper, we present Confidential Domain of Execution (CDE), a mechanism for achieving confidential execution of software in an otherwise untrusted environment, e.g., at a Cloud Service Provider. This is achieved by using an isolated execution environment in which any communication with the outside untrusted world is forcibly encrypted by trusted hardware. The mechanism can be useful to overcome the challenging issues in guaranteeing confidential execution in virtualized infrastructures, including cloud computing and virtualized network functions, among other scenarios. Moreover, the proposed mechanism does not suffer from the performance drawbacks typical of other solutions proposed for secure computing, as highlighted by the presented novel validation results. Copyright © 2014 SCITEPRESS - Science and Technology Publications.
|Titolo:||Confidential execution of cloud services|
|Data di pubblicazione:||2014|
|Appare nelle tipologie:||4.1 Contributo Atti Congressi/Articoli in extenso|