Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Trust but verify: trust establishment mechanisms in infrastructure clouds
RISE - Research Institutes of Sweden, ICT, SICS. Lund University, Sweden.ORCID iD: 0000-0003-0132-857x
2017 (English)Doctoral thesis, monograph (Other academic)
Abstract [en]

In the cloud computing service model, users consume computation resources provided through the Internet, often without any awareness of the cloud service provider that owns and operates the supporting hardware infrastructure. This marks an important change compared to earlier models of computation, for example when such supporting hardware infrastructure was under the control of the user. Given the ever increasing importance of computing, the shift to cloud computing raises several challenging issues, which include protecting the computation and ancillary resources such as network communication and the stored or produced data.While the potential risks for data isolation and confidentiality in cloud infrastructure are somewhat known, they are obscured by the convenience of the service model and claimed trustworthiness of cloud service providers, backed by reputation and contractual agreements. Ongoing research on cloud infrastructure has the potential to strengthen the security guarantees of computation, data and communication for users of cloud computing. This thesis is part of such research efforts, focusing on assessing the trustworthiness of components of the cloud network infrastructure and cloud computing infrastructure and controlling access to data and network resources and addresses select aspects of cloud computing security.The contributions of the thesis include mechanisms to verify or enforce security in cloud infrastructure. Such mechanisms have the potential to both help cloud service providers strengthen the security of their deployments and empower users to obtain guarantees regarding security aspects of service level agreements. By leveraging functionality of components such as the Trusted Platform Module, the thesis presents mechanisms to provide user guarantees regarding integrity of the computing environment and geographic location of plaintext data, as well as to allow users maintain control over the cryptographic keys for integrity and confidentiality protection of data stored in remote infrastructure. Furthermore, the thesis leverages recent innovations for platform security such as Software Guard Extensions to introduce mechanisms to verify the integrity of the network infrastructure in the Software-Defined Networking model. A final contribution of the thesis is an access control mechanism for access control of resources in the Software-Defined Networking model. 

Place, publisher, year, edition, pages
Lund: Lund University Open Access, 2017. , p. 225
Series
SICS dissertation series, ISSN 1101-1335
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:ri:diva-39301ISBN: 978-91-7753-329-0 (print)ISBN: 978-91-7753-330-6 (electronic)OAI: oai:DiVA.org:ri-39301DiVA, id: diva2:1333354
Public defence
(English)
Opponent
Supervisors
Available from: 2019-07-02 Created: 2019-07-01 Last updated: 2019-07-31Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

https://lup.lub.lu.se/search/publication/22c1d979-2d87-4099-b19c-ea140cd76663

Authority records BETA

Paladi, Nicolae

Search in DiVA

By author/editor
Paladi, Nicolae
By organisation
SICS
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 4 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.35.9