As the practice of renting remote computing resources from a cloud computing platform becomes increasingly popular, the security of such systems is a subject of continued scrutiny. This thesis explores the current state of cloud computing security along with critical components of the cloud computing model. It identifies the need to trust a third party with sensitive information as a substantial obstacle for cloud computing customers. It then proposes a new model, Host-Obscure Computing, for a cloud computing service using secure enclaves and encryption that allows a customer to execute code remotely without exposing sensitive information, including program flow control logic. It presents a proof of concept for a secure cloud computing service using confidential computing technology, cryptography, and an emulator that runs in a secure memory space. It then provides an analysis of its effectiveness at reducing data exposure and its performance impact. Finally, it analyzes this model's advantages and its potential impact on the cloud computing industry.

Master of Science

The use of public cloud computing services continues to rise as a solution to many of the problems associated with on-premises data centers. Customers who would otherwise move to the cloud have resisted this change for security reasons. This research investigates what these security barriers are. Then, it proposes a novel model for a cloud computing service, referred to as Host-Obscure Computing, that is designed to mitigate these issues. Specifically, it addresses the need of a customer to share their program code and working data with the cloud provider. It outlines the development of a prototype implementation of this model. It then presents an analysis of this new service model from both a performance and security perspective. Finally, it suggests how the adoption of a service model similar to Host-Obscure Computing could improve the state of the cloud computing industry.

Identifier | oai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/101869 |
Date | 12 January 2021 |
Creators | Cain, Chandler Lee |
Contributors | Electrical and Computer Engineering, Ransbottom, J. Scot, Midkiff, Scott F., Tront, Joseph G., Raymond, David Richard |
Publisher | Virginia Tech |
Source Sets | Virginia Tech Theses and Dissertation |
Detected Language | English |
Type | Thesis |
Format | ETD, application/pdf, application/pdf, application/pdf |
Rights | In Copyright, http://rightsstatements.org/vocab/InC/1.0/ |