Conference paper Open Access

CloudVaults: Integrating Trust Extensions into System Integrity Verification for Cloud-based Environments

Larsen, B.; Bergsson, D.; Giannetsos, T.

While the rapid evolution of container-based virtualization technologies, emerging as an integral part of cloud-based environments, brings forth several new opportunities for enabling the provision of distributed, mixed-criticality services, it also raises significant concerns for their security, resilience, and configuration correctness. In this paper, we present CloudVaults for coping with these challenges: a multi-level security verification framework that supports trust-aware service graph chains with variable evidence on the integrity assurance and correctness of the comprised containers. It is a first step towards a new frontier of security mechanisms to enable the provision of Configuration Integrity Verification (CIV), during both load- and run-time, by providing fine-grained measurements in supporting container trust decisions, thus, allowing for a much more effective verification towards building a global picture of the entire service graph integrity. We additionally provide and benchmark an open-source implementation of the enhanced attestation schemes.
