Return to search

Securing the Public Cloud: Host-Obscure Computing with Secure Enclaves

As the practice of renting remote computing resources from a cloud computing platform becomes increasingly popular, the security of such systems is a subject of continued scrutiny. This thesis explores the current state of cloud computing security along with critical components of the cloud computing model. It identifies the need to trust a third party with sensitive information as a substantial obstacle for cloud computing customers. It then proposes a new model, Host-Obscure Computing, for a cloud computing service using secure enclaves and encryption that allows a customer to execute code remotely without exposing sensitive information, including program flow control logic. It presents a proof of concept for a secure cloud computing service using confidential computing technology, cryptography, and an emulator that runs in a secure memory space. It then provides an analysis of its effectiveness at reducing data exposure and its performance impact. Finally, it analyzes this model's advantages and its potential impact on the cloud computing industry. / Master of Science / The use of public cloud computing services continues to rise as a solution to many of the problems associated with on-premises data centers. Customers who would otherwise move to the cloud have resisted this change for security reasons. This research investigates what these security barriers are. Then, it proposes a novel model for a cloud computing service, referred to as Host-Obscure Computing, that is designed to mitigate these issues. Specifically, it addresses the need of a customer to share their program code and working data with the cloud provider. It outlines the development of a prototype implementation of this model. It then presents an analysis of this new service model from both a performance and security perspective. Finally, it suggests how the adoption of a service model similar to Host-Obscure Computing could improve the state of the cloud computing industry.

Identiferoai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/101869
Date12 January 2021
CreatorsCain, Chandler Lee
ContributorsElectrical and Computer Engineering, Ransbottom, J. Scot, Midkiff, Scott F., Tront, Joseph G., Raymond, David Richard
PublisherVirginia Tech
Source SetsVirginia Tech Theses and Dissertation
Detected LanguageEnglish
TypeThesis
FormatETD, application/pdf, application/pdf, application/pdf
RightsIn Copyright, http://rightsstatements.org/vocab/InC/1.0/

Page generated in 0.0021 seconds