Computing Reviews
Shielding applications from an untrusted cloud with Haven
Baumann A., Peinado M., Hunt G. OSDI 2014 (Proceedings of the 11th USENIX Conference on Operating Systems Design and Implementation, Broomfield, CO, Oct 6-8, 2014), 267-283. 2014. Type: Proceedings
Date Reviewed: Feb 23 2015

Cloud computing is a recent model for provisioning commodity hardware with a preinstalled software environment to run a custom software executable, where the provider of the commodity environment has enormous latitude for its provisioning. The term is new and its definition still coalescing, but the provider controls the hardware and software stack. Cloud computing subverts the longstanding tenet that the computing environment is largely trusted, whereas application software is untrustworthy. From the perspective of a custom application running in the cloud, trust in the environment is misplaced, because security guarantees are puny and expensive, and trust is difficult or impossible to enforce and validate.

Very little help is available in support of a healthy general presumption of mutual distrust between application code and the cloud environment. This paper provides a proof-of-concept implementation enabling mutual distrust between a general-purpose, user-level application and its operating environment, even when the user application is written without particular care to validate and enforce trust. This remarkable goal is achieved by embracing and sensibly extending the newly available Intel Software Guard Extensions (SGX) instructions and specification.

Originally, SGX gave only those parts of an application written to take advantage of this feature some degree of execution trust, guaranteed by the hardware itself. SGX has limitations precluding the extension of trust to an entire application; for instance, SGX does not allow trust when processing interrupts. Haven succeeded in defining and implementing shielded execution for an entire, unmodified legacy application, affording mutual distrust in a working prototype running Microsoft SQL Server and an Apache Web Server. This brilliant accomplishment could be celebrated as a harbinger of trust in the increasingly pervasive cloud computing model.

Reviewer:  A. Squassabia Review #: CR143201 (1506-0492)
Security and Protection (D.4.6)
Cloud Computing (C.2.4 ...)
Network Communication (D.4.4 ...)
 