Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Providing User Security Guarantees in Public Infrastructure Clouds
RISE - Research Institutes of Sweden, ICT, SICS. (Security Lab)ORCID iD: 0000-0003-0132-857x
RISE - Research Institutes of Sweden, ICT, SICS. (Security Lab)ORCID iD: 0000-0001-8003-200X
RISE - Research Institutes of Sweden, ICT, SICS.
2017 (English)In: IEEE Transactions on Cloud Computing, ISSN 2168-7161, Vol. 5, no 3, p. 405-419, article id 7399365Article in journal (Refereed) Published
Abstract [en]

The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants – insulated from the minutiae of hardware maintenance – rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organisations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.

Place, publisher, year, edition, pages
2017, 11. Vol. 5, no 3, p. 405-419, article id 7399365
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:ri:diva-24528DOI: 10.1109/TCC.2016.2525991OAI: oai:DiVA.org:ri-24528DiVA, id: diva2:1043612
Projects
InfracloudAvailable from: 2016-10-31 Created: 2016-10-31 Last updated: 2018-07-09Bibliographically approved

Open Access in DiVA

fulltext(844 kB)21 downloads
File information
File name FULLTEXT01.pdfFile size 844 kBChecksum SHA-512
39dfbd7374ec7dfa2608673b9da19cdae4b1e40092cc20b85fd5057f012c039a72c18e3800813931b39e421d2d0712fd3a78c6a45eb2b38232c1378a410e600f
Type fulltextMimetype application/pdf

Other links

Publisher's full texthttp

Authority records BETA

Paladi, Nicolae

Search in DiVA

By author/editor
Paladi, NicolaeGehrmann, Christian
By organisation
SICS
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 21 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 52 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.35.2