Abdullah L, Freiling F, Quintero J, Benenson Z (2019)
Publication Type: Conference contribution
Publication year: 2019
Publisher: Springer Verlag
Book Volume: 11387 LNCS
Pages Range: 137-152
Conference Proceedings Title: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISBN: 9783030127855
DOI: 10.1007/978-3-030-12786-2_9
In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is that the confidentiality and integrity of data processing needs to be protected. In the common scenarios of cloud computing today, this can only be achieved by assuming that the remote party does not in any form act maliciously. In this paper, we propose an approach that avoids having to trust a single entity. Our approach is based on two concepts: (1) the technical abstraction of sealed computation, i.e., a technical mechanism to confine the processing of data within a tamper-proof hardware container, and (2) the additional role of an auditing party that itself cannot add functionality to the system but is able to check whether the system (including the mechanism for sealed computation) works as expected. We discuss the abstract technical and procedural requirements of these concepts and explain how they can be applied in practice.
APA:
Abdullah, L., Freiling, F., Quintero, J., & Benenson, Z. (2019). Sealed computation: Abstract requirements for mechanisms to support trustworthy cloud computing. In Frédéric Cuppens, Nora Cuppens, Christos Kalloniatis, Sokratis K. Katsikas, Costas Lambrinoudakis, John Mylopoulos, Annie Antón, Stefanos Gritzalis (Eds.), Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (pp. 137-152). Barcelona, ES: Springer Verlag.
MLA:
Abdullah, Lamya, et al. "Sealed computation: Abstract requirements for mechanisms to support trustworthy cloud computing." Proceedings of the 4th International Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2018 and 2nd International Workshop on Security and Privacy Requirements Engineering, SECPRE 2018 held in conjunction with 23rd European Symposium on Research in Computer Security, ESORICS 2018, Barcelona Ed. Frédéric Cuppens, Nora Cuppens, Christos Kalloniatis, Sokratis K. Katsikas, Costas Lambrinoudakis, John Mylopoulos, Annie Antón, Stefanos Gritzalis, Springer Verlag, 2019. 137-152.
BibTeX: Download