Conference paper Open Access
Larsen, B.; Bergsson, D.; Giannetsos, T.
While the rapid evolution of container-based virtualization technologies, emerging as an integral part of cloud-based environments, brings forth several new opportunities for enabling the provision of distributed, mixed-criticality services, it also raises significant concerns for their security, resilience, and configuration correctness. In this paper, we present CloudVaults for coping with these challenges: a multi-level security verification framework that supports trust-aware service graph chains with variable evidence on the integrity assurance and correctness of the comprised containers. It is a first step towards a new frontier of security mechanisms to enable the provision of Configuration Integrity Verification (CIV), during both load- and run-time, by providing fine-grained measurements in supporting container trust decisions, thus, allowing for a much more effective verification towards building a global picture of the entire service graph integrity. We additionally provide and benchmark an open-source implementation of the enhanced attestation schemes.
Name | Size |
---|---|
36-CloudVaults-Paper.pdf (md5:6d1127528f5fdcd8ec8ef6db64e3a305) | 723.8 kB |