Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Providing User Security Guarantees in Public Infrastructure Clouds
RISE, Swedish ICT, SICS, Security Lab.ORCID iD: 0000-0003-0132-857X
RISE, Swedish ICT, SICS, Security Lab.ORCID iD: 0000-0001-8003-200X
RISE, Swedish ICT, SICS.
2016 (English)In: IEEE Transactions on Cloud Computing, ISSN 2168-7161Article in journal (Refereed) Published
Abstract [en]

The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants – insulated from the minutiae of hardware maintenance – rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organisations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.

Place, publisher, year, edition, pages
2016, 11.
National Category
Computer and Information Science
Identifiers
URN: urn:nbn:se:ri:diva-24528DOI: 10.1109/TCC.2016.2525991OAI: oai:DiVA.org:ri-24528DiVA: diva2:1043612
Projects
Infracloud
Available from: 2016-10-31 Created: 2016-10-31 Last updated: 2017-05-02Bibliographically approved

Open Access in DiVA

fulltext(844 kB)15 downloads
File information
File name FULLTEXT01.pdfFile size 844 kBChecksum SHA-512
39dfbd7374ec7dfa2608673b9da19cdae4b1e40092cc20b85fd5057f012c039a72c18e3800813931b39e421d2d0712fd3a78c6a45eb2b38232c1378a410e600f
Type fulltextMimetype application/pdf

Other links

Publisher's full texthttp

Search in DiVA

By author/editor
Paladi, NicolaeGehrmann, Christian
By organisation
Security LabSICS
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 15 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Altmetric score

Total: 44 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.28.0