eScholarship
Open Access Publications from the University of California

Improving Cloud Security using Secure Enclaves

  • Author(s): Beekman, Jethro Gideon
  • Advisor(s): Wagner, David
  • et al.
Abstract

Internet services can provide a wealth of functionality, yet their usage raises privacy, security and integrity concerns for users. This is caused by a lack of guarantees about what is happening on the server side. As a worst case scenario, the service might be subjected to an insider attack. This dissertation describes the unalterable secure service concept for trustworthy cloud computing. Secure services are a powerful abstraction that enables viewing the cloud as a true extension of local computing resources. Secure services combine the security benefits one gets locally with the manageability and availability of the distributed cloud. Secure services are implemented using secure enclaves. Remote attestation of the server is used to obtain guarantees about the programming of the service. This dissertation addresses concerns related to using secure enclaves such as providing data freshness and distributing identity information. Certificate Transparency is augmented to distribute information about which services exist and what they do. All combined, this creates a platform that allows legacy clients to obtain security guarantees about Internet services.
