IMDEA Software

Iniciativa IMDEA

Inicio > Eventos > Charlas Invitadas > 2011 > Gaining Customer Trust in Cloud Services with Excalibur
Esta página aún no ha sido traducida. A continuación se muestra la página en inglés.

Rodrigo Rodrigues

lunes 12 de septiembre de 2011

3:00pm IMDEA conference room

Rodrigo Rodrigues, Assistant Research Professor, Max Planck Institute for Software Systems, Germany

Gaining Customer Trust in Cloud Services with Excalibur

Abstract:

Despite the benefits of cloud computing, its potential customers are concerned with data mismanagement risks that stem from the accidental or intentional activity of cloud software administrators. Although trusted computing could provide customers with stronger guarantees that cloud services are more resilient to these threats, this technology is ill-suited for the cloud since it exposes too many internal details of the cloud infrastructure, and hinders fault tolerance and load-balancing flexibility. To solve these limitations and enable the design of trustworthy cloud services, we present a system called Excalibur. Excalibur provides policy-sealed data, a new trusted computing primitive which enables data to be sealed (i.e., encrypted to a customer-defined policy) such that it can only be unsealed (i.e., decrypted) by nodes whose configurations match the policy; the configuration of nodes is bound to trusted computing hardware, making the primitive resilient to the actions of cloud administrators. Excalibur uses novel cryptographic protocols, and makes judicious use of existing trusted computing primitives. To demonstrate that Excalibur is practical, we used it in the Eucalyptus open-source cloud platform in order to provide customers with greater confidence that data is processed exclusively by the nodes that meet their preferences.