In this paper, we present Confidential Domain of Execution (CDE), a mechanism for achieving confidential execution of software in an otherwise untrusted environment, e.g., at a Cloud Service Provider. This is achieved by using an isolated execution environment in which any communication with the outside untrusted world is forcibly encrypted by trusted hardware. The mechanism can be useful to overcome the challenging issues in guaranteeing confidential execution in virtualized infrastructures, including cloud computing and virtualized network functions, among other scenarios. Moreover, the proposed mechanism does not suffer from the performance drawbacks typical of other solutions proposed for secure computing, as highlighted by the presented novel validation results. Copyright © 2014 SCITEPRESS - Science and Technology Publications.
Confidential execution of cloud services
CUCINOTTA, TOMMASO;
2014-01-01
Abstract
In this paper, we present Confidential Domain of Execution (CDE), a mechanism for achieving confidential execution of software in an otherwise untrusted environment, e.g., at a Cloud Service Provider. This is achieved by using an isolated execution environment in which any communication with the outside untrusted world is forcibly encrypted by trusted hardware. The mechanism can be useful to overcome the challenging issues in guaranteeing confidential execution in virtualized infrastructures, including cloud computing and virtualized network functions, among other scenarios. Moreover, the proposed mechanism does not suffer from the performance drawbacks typical of other solutions proposed for secure computing, as highlighted by the presented novel validation results. Copyright © 2014 SCITEPRESS - Science and Technology Publications.| File | Dimensione | Formato | |
|---|---|---|---|
|
CLOSER-2014-CDE.pdf
accesso aperto
Tipologia:
Documento in Pre-print/Submitted manuscript
Licenza:
PUBBLICO - Pubblico con Copyright
Dimensione
212.51 kB
Formato
Adobe PDF
|
212.51 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
