TC: Large: Collaborative Research: Trustworthy Virtual Cloud Computing
Principal Investigator: Michael Reiter
Funding Agency: National Science Foundation
Agency Number: CNS-0910483
Abstract
Virtual cloud computing has recently emerged as a promising approach to future Information Technology (IT) management, both easing the administration of complex hardware and software systems and reducing operational costs. Several industry and university leaders have presented possible solutions for virtual cloud computing, including IBM Blue Cloud, Google Cloud, Amazon Elastic Cloud Computing (EC2), Microsoft Azure, and Virtual Computing Lab (VCL) at NCSU, one of the proposing institutions. The cloud vision is that the computing resources offered by the service providers will be multiplexed across numerous customers, obviating the need for each customer to build its own infrastructure for accomplishing its tasks. Paramount to achieving this vision is that customers gain confidence that the mix of service providers they employ will perform as if it were an integrated facility for the sole use of the customer. That is, even if the various facilities are distinct and shared, they should appear to each customer as an integrated, exclusive, and reliable facility. The security of virtual cloud computing has become the barrier to its adoption. Indeed, virtual cloud computing presents a complex threat model to both service providers and customers. On the one hand, each service provider presents threats to the secrecy, integrity and availability of the customers’ data or processing it handles, and these threats are exacerbated by the shared nature of the facility. On the other hand, the service provider’s management infrastructure is threatened by potentially malicious workloads, which may be originally legitimate but later compromised by attackers, or introduced by malicious customers directly. This project proposes fundamental research that leads to trustworthy virtual cloud computing and paves the way for its wide adoption.
The objective of this project is to systematically investigate the security problems in virtual cloud computing and develop a suite of mechanisms to ensure the trustworthiness of virtual cloud computing for both the service providers and the customers. This project consists of three technical thrusts: (1) Thrust 1 – protection of management infrastructure against malicious workloads and external attacks; (2) Thrust 2 – protection of hosted workloads from potentially malicious management infrastructure; and (3) Thrust 3 – new security services that could be provided by the management infrastructure to enhance the trustworthiness of customers’ workloads. The first two thrusts address the service providers’ security concerns for customers’ workloads and customers’ security concerns for the service providers, respectively, while the third one explores new opportunities to enhance the trustworthiness of virtual cloud computing against external security threats. This project is expected to perform transformative research that significantly enhances the trustworthiness of future IT management. Expected outcomes include: (1) mechanisms to measure and protect the integrity of the whole software stack in virtual cloud computing, ranging from the hypervisor, to the OS kernels of Virtual Machines (VMs), and finally the end applications; (2) techniques to secure the integrity and secrecy of critical data in VM images, even if such VMs are in a dormant state; (3) approaches to tolerating and/or monitoring potentially malicious management infrastructure or malicious components (e.g., malicious storage nodes) in the infrastructure; (4) fundamental understanding of the impact of outsourcing relationships between service providers and methods for customers to mitigate those impacts; (5) new security services provided by management infrastructure for customers to enhance the trustworthiness of their workloads and better defend against security threats.

