seeding clouds with trust anchors
play

Seeding Clouds with Trust Anchors Joshua Schiffman , Thomas Moyer, - PowerPoint PPT Presentation

Feb 08, 2023 •257 likes •668 views

  1. ������� ��� �������� �������������� �������� � � ������� ��� �������� �������� ������ ���������� �� �������� ������� ��� ����������� ������������ ����� ��������������������� ���� �� Seeding Clouds with Trust Anchors Joshua Schiffman , Thomas Moyer, Hayawardh Vijayakuamar, Trent Jaeger, and Patrick McDaniel CCSW ’10 Systems and Internet Infrastructure Security Laboratory (SIIS) Page 1 Saturday, October 16, 2010

  2. Hurdles to Cloud Adoption • Clouds offer customers a platform for on-demand resources and reduced administrative effort • However, fears of data loss and security breaches have stifled adoption by many businesses • We propose increasing the transparency of cloud platforms to build trust in them Systems and Internet Infrastructure Security Laboratory (SIIS) Page 2 Saturday, October 16, 2010

  3. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  4. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  5. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  6. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU Xen Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  7. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 Dom0 DomU DomU Xen Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  8. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  9. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  10. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  11. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  12. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  13. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  14. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  15. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  16. Cloud support for proofs • Clouds offer a unique administrative environment for integrity measurement ‣ Physical security, internal PKI, consistent components ‣ Centralized administration over many systems • Focus on using hardened / proven components ‣ Assured hypervisors (e.g., SEL4) and code ‣ Verifiable enforcement policies Systems and Internet Infrastructure Security Laboratory (SIIS) Page 4 Saturday, October 16, 2010

  17. Cloud Verifier • We propose a Cloud Verifier (CV) mechanism to enable verification of cloud platforms by proxy ‣ Verifiable component in the cloud ‣ Monitors the integrity of VM hosts using a public integrity criteria Node Controller Node CV Controller Node Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 5 Saturday, October 16, 2010

  18. Cloud Verifier • We propose a Cloud Verifier (CV) mechanism to enable verification of cloud platforms by proxy ‣ Verifiable component in the cloud ‣ Monitors the integrity of VM hosts using a public integrity criteria Node Controller Node CV Controller Node Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 5 Saturday, October 16, 2010

  19. Cloud Verifier • We propose a Cloud Verifier (CV) mechanism to enable verification of cloud platforms by proxy ‣ Verifiable component in the cloud ‣ Monitors the integrity of VM hosts using a public integrity criteria Node Controller Node CV Controller Node Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 5 Saturday, October 16, 2010

  20. Cloud Verifier • We propose a Cloud Verifier (CV) mechanism to enable verification of cloud platforms by proxy ‣ Verifiable component in the cloud ‣ Monitors the integrity of VM hosts using a public integrity criteria Node Controller Node CV Controller Node Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 5 Saturday, October 16, 2010

  21. Cloud Verifier • We propose a Cloud Verifier (CV) mechanism to enable verification of cloud platforms by proxy ‣ Verifiable component in the cloud ‣ Monitors the integrity of VM hosts using a public integrity criteria Node Controller Node CV Controller Integrity Node Criteria Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 5 Saturday, October 16, 2010

  22. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage Node CV Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  23. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage Node CV Verifies Integrity Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  24. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage Node CV Verifies Integrity Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  25. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage VM Node CV Verifies Integrity Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  26. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage VM Node CV Verifies Integrity Controller Generate VM key pair Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  27. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage VM Node CV Verifies Integrity Controller Generate VM key pair Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  28. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage VM Node CV Verifies Integrity Controller Sign public key Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

From Trust Anchors to Melt ltdown of f Trust Ahmad-Reza Sadeghi Technische Universitt

From Trust Anchors to Melt ltdown of f Trust Ahmad-Reza Sadeghi Technische Universitt

Hardware-assisted Security: : From Trust Anchors to Melt ltdown of f Trust Ahmad-Reza Sadeghi Technische Universitt Darmstadt & Intel Collaborative Research Institute for Collaborative & Resilient Autonomous Systems His istorical

1.95k views • 178 slides
When you look up into the sky, you will often see clouds. No two clouds are the same, and there

When you look up into the sky, you will often see clouds. No two clouds are the same, and there

When you look up into the sky, you will often see clouds. No two clouds are the same, and there are many different types of clouds. Different kinds of clouds lead to different types of weather. Cirrus clouds are the highest group of clouds that

271 views • 5 slides
Soybean Seeding Trend Analysis February 2020 The Story ry of f Soybean Seeding Rates

Soybean Seeding Trend Analysis February 2020 The Story ry of f Soybean Seeding Rates

Atlantic Grains Council Soybean Seeding Trend Analysis February 2020 The Story ry of f Soybean Seeding Rates Introduction Chapter 1: Plant population Chapter 2: Yield Chapter 3: Previous crop Chapter 4: Seeding equipment

713 views • 27 slides
REVEGETATION REVEGETATION REVEGETATION REVEGETATION SEEDING SEEDING SEEDING SEEDING Or Or

REVEGETATION REVEGETATION REVEGETATION REVEGETATION SEEDING SEEDING SEEDING SEEDING Or Or

REVEGETATION REVEGETATION REVEGETATION REVEGETATION SEEDING SEEDING SEEDING SEEDING Or Or The Art of Greening Up Your Work The Art of Greening Up Your Work Bill Awmack P.Ag . Why Re Why Re - -Seed? Seed? Seed? Why Re Why Re Seed?

586 views • 46 slides
Nominal Anchors in EU-Accession Countries Recent Experiences Michael Frmmel, Universitt

Nominal Anchors in EU-Accession Countries Recent Experiences Michael Frmmel, Universitt

Nominal Anchors in EU-Accession Countries Recent Experiences Michael Frmmel, Universitt Hannover a Franziska Schobert, Deutsche Bundesbank b Abstract: We investigate official and implicit nominal anchors for five Central and Eastern

501 views • 35 slides
Anchors Page 53 Transform the World So When Do You Use Chains? Use Chaining Anchors when the

Anchors Page 53 Transform the World So When Do You Use Chains? Use Chaining Anchors when the

Chaining Anchors Page 53 Transform the World So When Do You Use Chains? Use Chaining Anchors when the undesired state and the desired state are too far apart. Usually when the undesired state is a stuck state where there is no

596 views • 8 slides
USING PAST SEEDING TREATMENTS TO INFORM FUTURE SOURCING IN THE COLORADO PLATEAU ANDREA T.

USING PAST SEEDING TREATMENTS TO INFORM FUTURE SOURCING IN THE COLORADO PLATEAU ANDREA T.

USING PAST SEEDING TREATMENTS TO INFORM FUTURE SOURCING IN THE COLORADO PLATEAU ANDREA T. KRAMER, SHANNON STILL, NORA TALKINGTON, TROY WOOD NATIONAL NATIVE SEED CONFERENCE FEBRUARY 15, 2017 MANY THINGS INFLUENCE SEEDING OUTCOMES Management

385 views • 24 slides
Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra

Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra

Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra Crest Tahoe Winter Snowfall - 2015-2018 Lake Tahoe Basin Snow Water Equivalent by Water Year WY2017 WY2016 median WY2018 74% median WY2015

420 views • 23 slides
Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra

Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra

Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra Crest Tahoe Winter 2017-2018 (WY2018) Snow Water Equivalent by Month 74% Average WY2018(74%) - Nov (11%), (9%) - Dec (25%),

343 views • 17 slides
Steven Y. Ko (SUNY at Buffalo), Kyungho Jeon (SUNY at Buffalo), Ramses Morales (Xerox Research

Steven Y. Ko (SUNY at Buffalo), Kyungho Jeon (SUNY at Buffalo), Ramses Morales (Xerox Research

Steven Y. Ko (SUNY at Buffalo), Kyungho Jeon (SUNY at Buffalo), Ramses Morales (Xerox Research Center Webster) What if we dont trust clouds? Or more specifically, To what extent can we utilize clouds with partial trust? 2 Some

451 views • 12 slides
K -Medoids for K -Means Seeding James Newling & Franc ois Fleuret Machine Learning Group,

K -Medoids for K -Means Seeding James Newling & Franc ois Fleuret Machine Learning Group,

K -Medoids for K -Means Seeding James Newling & Franc ois Fleuret Machine Learning Group, Idiap Research Institute & EPFL December 5th, 2017 COLE POLYTECHNIQUE FDRALE DE LAUSANNE The standard K -means pipeline First: Seeding.

1.96k views • 8 slides
Idaho Power Companys 2009 Cloud Seeding Program Summary Shaun Parkinson, Ph.D, P.E.

Idaho Power Companys 2009 Cloud Seeding Program Summary Shaun Parkinson, Ph.D, P.E.

An I DACORP Company Idaho Power Companys 2009 Cloud Seeding Program Summary Shaun Parkinson, Ph.D, P.E. Engineering Leader Idaho Powers Cloud Seeding Projects Payette Upper Snake in cooperation with E. Idaho - HCRC&D ldahoPo

264 views • 24 slides
Social Clouds Creating a research agenda Andrew Lippman MIT Media Lab October, 2010 Clouds and

Social Clouds Creating a research agenda Andrew Lippman MIT Media Lab October, 2010 Clouds and

Social Clouds Creating a research agenda Andrew Lippman MIT Media Lab October, 2010 Clouds and Mists: 1 st Cloud Defined by access Familiar as the internet Result of a nexus: PC, backbone, ISPs Web Opened vast doors to creativity Clouds and

592 views • 24 slides
ruth and Consequences: Information T Clouds and Virtualization Assurance Peter Rajnak,

ruth and Consequences: Information T Clouds and Virtualization Assurance Peter Rajnak,

People First, Ministry of Science, Performance Now Technology and Innovation ruth and Consequences: Information T Clouds and Virtualization Assurance Peter Rajnak, Guardtime 14 November 2013 Data trust and Audit Status Quo For 40

673 views • 27 slides
Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM

Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM

Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM Theme: Basically a continuation of climate talks

453 views • 19 slides
Research Update February 2020 In Introduction Soybeans: Seeding Rate, Fungicide and

Research Update February 2020 In Introduction Soybeans: Seeding Rate, Fungicide and

Atlantic Grains Council Research Update February 2020 In Introduction Soybeans: Seeding Rate, Fungicide and Fertility trials Peas: Gypsum and Seeding rate trials Oats: Nitrogen and Fungicide trials Corn: Boron/Sulfur trials in

689 views • 45 slides
Ensuing Food Safety & Nutrition A Journey towards Food Safety Excellence The Akshaya

Ensuing Food Safety & Nutrition A Journey towards Food Safety Excellence The Akshaya

Ensuing Food Safety & Nutrition A Journey towards Food Safety Excellence The Akshaya Patra Foundation, Bangalore, India By: Muralidhar Pundla 2 nd Dec 2015 The Akshaya Patra Foundation The Akshaya Patra Foundation is a not-for-profit

787 views • 50 slides
Serpentine Gallery Exhibitions Modern and contemporary art Architecture and design

Serpentine Gallery Exhibitions Modern and contemporary art Architecture and design

Serpentine Gallery Exhibitions Modern and contemporary art Architecture and design Education and Public Programmes Projects Expanded Programmes Visitors 713,107 visitors in 2006/07 92.7% increase sin 2005/06

704 views • 66 slides
LAGOS HABITAT 2011 Agenda for Transformation of Lagos into a Homogenous and Sustainable

LAGOS HABITAT 2011 Agenda for Transformation of Lagos into a Homogenous and Sustainable

TECHNICAL COMMITTEE FOR POLICY REFORM ON PLANNING REGULATION & BUILDING CONTROL LAGOS HABITAT 2011 Agenda for Transformation of Lagos into a Homogenous and Sustainable City Presentation to the Association of Consulting Architects

1.48k views • 21 slides
AGENDA Result of AGMS & EGMS 2016 1 Unilever Indonesia 2 Performance USLP 2015 Update 3

AGENDA Result of AGMS & EGMS 2016 1 Unilever Indonesia 2 Performance USLP 2015 Update 3

AGENDA Result of AGMS & EGMS 2016 1 Unilever Indonesia 2 Performance USLP 2015 Update 3 Winning with Consumers in 4 Key Moments AGMS & EGMS 2016 OUTCOMES RESULT OF ANNUAL GENERAL MEETING OF SHAREHOLDERS 1. First Agenda a.

624 views • 33 slides
Investor Presentation November 2019 Disclaimer This presentation and the accompanying slides (the

Investor Presentation November 2019 Disclaimer This presentation and the accompanying slides (the

Investor Presentation November 2019 Disclaimer This presentation and the accompanying slides (the Presentation), which have been prepared by ADF Foods Limited (the Company), have been prepared solely for information purposes and do

347 views • 30 slides
ECR Food Waste & Markdown Working Group Production Planning Sam McPherson Senior Manager

ECR Food Waste & Markdown Working Group Production Planning Sam McPherson Senior Manager

Asda Supply Chain 2020 ECR Food Waste & Markdown Working Group Production Planning Sam McPherson Senior Manager Central Supply & Strategy Asda Supply Chain 2020 Fresh Production Planning Introduction The Problem

130 views • 12 slides
Q2 2017 presentation Arni Oddur Thordarson, CEO, Linda Jonsdottir, CFO July 27, 2017 Q2: Strong

Q2 2017 presentation Arni Oddur Thordarson, CEO, Linda Jonsdottir, CFO July 27, 2017 Q2: Strong

Q2 2017 presentation Arni Oddur Thordarson, CEO, Linda Jonsdottir, CFO July 27, 2017 Q2: Strong order intake, solid performance with delays in orders booked off Revenue of 244 million - Q2 2016: 264m Revenue EBIT* 244 35.9

474 views • 20 slides
Typical urban storefronts in Southeast Asia A small store in Laos with an eerily familiar

Typical urban storefronts in Southeast Asia A small store in Laos with an eerily familiar

Typical urban storefronts in Southeast Asia A small store in Laos with an eerily familiar brand name no blue light specials, though! I n Southeast Asia, motorbikes are ubiquitous and, of course, there has to be parking

321 views • 16 slides

More recommend