Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

SecureCloud - Concertation Meeting EUBrasilCloudFORUM

16 views

Published on

The main goal of the SecureCloud project is to enable novel big-data applications that can use sensitive data in the cloud without compromising data security and privacy.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

SecureCloud - Concertation Meeting EUBrasilCloudFORUM

  1. 1. Andrey Brito (Federal University of Campina Grande) Concertation Meeting - 18th April 2018
  2. 2. SecureCloud – Focus Area • Main objective: Improve confidentiality of programs executed in clouds • Approach: Evaluate how hardware mechanisms in commodity CPUs (esp., Intel SGX) can be used to protect the confidentiality of programs • Enable novel applications by removing trust dependency between data providers, application providers and cloud providers 2Apr. 18th, 2018 EUBrasil CloudFORUM Concertation Meeting
  3. 3. SecureCloud – Consortium 3Apr. 18th, 2018 EUBrasil CloudFORUM Concertation Meeting
  4. 4. Challenge (lots of software) & Technology Attack Surface Today Attack Surface with Intel® SGX OS VMM HARDWARE OS VMM HARDWARE Attack Surface Apr. 18th, 2018 EUBrasil CloudFORUM Concertation Meeting 4
  5. 5. Trusted Execution Environments (TEE) Apr. 18th, 2018 EUBrasil CloudFORUM Concertation Meeting 5 Data Owner Software Provider Infrastructure Owner Trusts Owns Trusts Authors Manages Data Owner’s Computer Computation Dispatcher Setup Verification Private Data Private Code Container Remote Computer Untrusted Software Setup Computation Receive Encrypted Results
  6. 6. Layered Architecture of SecureCloud Apr. 18th, 2018 EUBrasil CloudFORUM Concertation Meeting 6
  7. 7. Highlights – Main Assets Infrastructure • TEE-aware containers and VMs in standard cloud platforms • TEE-enabled attestation and secret sharing • Integrity violation checkers for applications Apr. 18th, 2018 EUBrasil CloudFORUM Concertation Meeting 7 Application • Templates for confidential processing of IoT data • Templates for confidential big data processing (K8s Jobs, MapReduce, Spark) Platform • Pub/Sub with confidential routing • Enclave-protected TLS termination • TEE-aware scaling and scheduling auto- scaling
  8. 8. Further – Recommended Actions • The technology for secure data storage and handling in the cloud exists • Nevertheless, we lack protective features such as data security and privacy – Critical issue with IoT and the movement of critical systems to the cloud • We need to… – Empower users to control his/her data – Enable all developers to support to this properties – Create policy and technical mechanisms to detect and protect against abuses – Create mechanisms that enable the movement of data, preserving the original restrictions regarding its usage Apr. 18th, 2018 EUBrasil CloudFORUM Concertation Meeting 8
  9. 9. SecureCloud project is funded by the 3rd EU-Brazil coordinated call within the Horizon 2020 program. European Commission Horizon 2020 Brazil Federal Government MCTIC – RNP – CTIC Swiss Confederation State Secretariat for Education, Research and Innovation Apr. 18th, 2018 EUBrasil CloudFORUM Concertation Meeting 9

×