secure cloud - secure big data processing in untrusted clouds
TRANSCRIPT
Andrey Brito (Federal University of Campina Grande, Brazil)
CloudScape Brazil, Porto Alegre, RS
July 7th, 2016
Secure Cloud
• Main objectiveImprove confidentiality of programs executed in clouds
• ApproachEvaluate if/how hardware mechanisms in commodity CPUs (esp., Intel SGX) and can be used to protect the confidentiality of programs
2July 7th, 2016 CloudScape Brazil
Confidentiality++
• Ensure confidentiality as well as integrity, consistency and availability of applications
• Protect cloud applications against attacks by– employees of the cloud provider
– other tenants / hackers
– hackers with physical access
• Enable novel applications by removing trust dependency between data providers, application providers and cloud providers
3July 7th, 2016 CloudScape Brazil
Status (Started in January, 1st)
• Porting and deploying commonly and executing software to run inside SGX– MySQL, Memcached, Apache
• Evaluating tradeoffs– Other technologies– Software architectures that enable and facilitate the porting of existing
solutions
• Planning how to integrate with existing cloud management platforms
4July 7th, 2016 CloudScape Brazil
Consortium
5July 7th, 2016 CloudScape Brazil
SecureCloud project is funded by the 3rd EU-Brazil coordinated call within the Horizon
2020 program.
European Commission
Horizon 2020
Brazil
Federal Government
MCTI – RNP – CTIC
Swiss Confederation
State Secretariat for Education,
Research and Innovation
July 7th, 2016 CloudScape Brazil 9
Consortium
UniversidadeFederal deItajubá
CH
CH
IT
IL
DEUK
DK
PB
MG
PR
SP
PR PR
RJ
coordinatorcoordinator
10July 7th, 2016 CloudScape Brazil