Confidential Domains of Execution

  • Cherubini D.
  • Cucinotta T.
  • Jul E.

Data Confidentiality or Cloud Computing? A true dilemma worthy of Hamlet and a reality for users aiming to exploit computational services in the cloud. Sensitive data can be protected by encryption, but if any computation is to be performed in the cloud, then the decryption key must be available somewhere in the cloud infrastructure. This implies that the cloud provider must be able to offer an unchallengeable level of trustworthiness both in its systems and in its employees. Multi-tenancy of cloud infrastructures adds a dimension of complexity to the problem: despite a provider’s trustworthiness, an attack might actually come from software hosted on behalf of other customers. In this paper, we present Confidential Domain of Execution (CDE), a novel mechanism ensuring confidential execution of software in an otherwise untrusted environment. In our proposed solution, confidential data processing in the cloud can be achieved by an isolated execution environment (the CDE) where any communication with the outside untrusted world is forcibly encrypted. Inside a CDE, user’s software does not need to be overloaded with expensive cryptographic operations at every memory access or cache miss, but it can compute on plain-text data at native speed. Ultimately, confidentiality relies on hardware-level mechanisms that cannot be circumvented, and all the software inside the confidential environment is provided by the end user. Therefore, the software Trusted Computing Base to be provided by the cloud provider to ensure confidentiality is reduced to zero. The mechanism can be useful to overcome the challenging issues in guaranteeing confidential execution in virtualized infrastructures, including cloud computing and virtualized network functions, among other scenarios. With our proposal, confidential cloud computing can be ensured without requiring that users blindly trust the cloud provider nor any of its employees, and without the performance drawbacks typical of other solutions proposed in the literature for secure computing.

Recent Publications

August 09, 2017

A Cloud Native Approach to 5G Network Slicing

  • Francini A.
  • Miller R.
  • Sharma S.

5G networks will have to support a set of very diverse and often extreme requirements. Network slicing offers an effective way to unlock the full potential of 5G networks and meet those requirements on a shared network infrastructure. This paper presents a cloud native approach to network slicing. The cloud ...

August 01, 2017

Modeling and simulation of RSOA with a dual-electrode configuration

  • De Valicourt G.
  • Liu Z.
  • Violas M.
  • Wang H.
  • Wu Q.

Based on the physical model of a bulk reflective semiconductor optical amplifier (RSOA) used as a modulator in radio over fiber (RoF) links, the distributions of carrier density, signal photon density, and amplified spontaneous emission photon density are demonstrated. One of limits in the use of RSOA is the lower ...

July 12, 2017

PrivApprox: Privacy-Preserving Stream Analytics

  • Chen R.
  • Christof Fetzer
  • Le D.
  • Martin Beck
  • Pramod Bhatotia
  • Thorsten Strufe

How to preserve users' privacy while supporting high-utility analytics for low-latency stream processing? To answer this question: we describe the design, implementation and evaluation of PRIVAPPROX, a data analytics system for privacy-preserving stream processing. PRIVAPPROX provides three properties: (i) Privacy: zero-knowledge privacy (ezk) guarantees for users, a privacy bound tighter ...