seeding clouds with trust anchors
play

Seeding Clouds with Trust Anchors Joshua Schiffman , Thomas Moyer, - PowerPoint PPT Presentation

Feb 08, 2023 •257 likes •668 views

  1. ������� ��� �������� �������������� �������� � � ������� ��� �������� �������� ������ ���������� �� �������� ������� ��� ����������� ������������ ����� ��������������������� ���� �� Seeding Clouds with Trust Anchors Joshua Schiffman , Thomas Moyer, Hayawardh Vijayakuamar, Trent Jaeger, and Patrick McDaniel CCSW ’10 Systems and Internet Infrastructure Security Laboratory (SIIS) Page 1 Saturday, October 16, 2010

  2. Hurdles to Cloud Adoption • Clouds offer customers a platform for on-demand resources and reduced administrative effort • However, fears of data loss and security breaches have stifled adoption by many businesses • We propose increasing the transparency of cloud platforms to build trust in them Systems and Internet Infrastructure Security Laboratory (SIIS) Page 2 Saturday, October 16, 2010

  3. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  4. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  5. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  6. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU Xen Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  7. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 Dom0 DomU DomU Xen Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  8. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  9. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  10. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  11. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  12. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  13. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  14. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  15. Uncertainty in Clouds • Customers are concerned with: ‣ Host and VM integrity ‣ VM isolation / protection ‣ Data leakage • Need to verify integrity of those components Dom0 DomU DomU DomU DomU Xen Systems and Internet Infrastructure Security Laboratory (SIIS) Page 3 Saturday, October 16, 2010

  16. Cloud support for proofs • Clouds offer a unique administrative environment for integrity measurement ‣ Physical security, internal PKI, consistent components ‣ Centralized administration over many systems • Focus on using hardened / proven components ‣ Assured hypervisors (e.g., SEL4) and code ‣ Verifiable enforcement policies Systems and Internet Infrastructure Security Laboratory (SIIS) Page 4 Saturday, October 16, 2010

  17. Cloud Verifier • We propose a Cloud Verifier (CV) mechanism to enable verification of cloud platforms by proxy ‣ Verifiable component in the cloud ‣ Monitors the integrity of VM hosts using a public integrity criteria Node Controller Node CV Controller Node Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 5 Saturday, October 16, 2010

  18. Cloud Verifier • We propose a Cloud Verifier (CV) mechanism to enable verification of cloud platforms by proxy ‣ Verifiable component in the cloud ‣ Monitors the integrity of VM hosts using a public integrity criteria Node Controller Node CV Controller Node Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 5 Saturday, October 16, 2010

  19. Cloud Verifier • We propose a Cloud Verifier (CV) mechanism to enable verification of cloud platforms by proxy ‣ Verifiable component in the cloud ‣ Monitors the integrity of VM hosts using a public integrity criteria Node Controller Node CV Controller Node Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 5 Saturday, October 16, 2010

  20. Cloud Verifier • We propose a Cloud Verifier (CV) mechanism to enable verification of cloud platforms by proxy ‣ Verifiable component in the cloud ‣ Monitors the integrity of VM hosts using a public integrity criteria Node Controller Node CV Controller Node Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 5 Saturday, October 16, 2010

  21. Cloud Verifier • We propose a Cloud Verifier (CV) mechanism to enable verification of cloud platforms by proxy ‣ Verifiable component in the cloud ‣ Monitors the integrity of VM hosts using a public integrity criteria Node Controller Node CV Controller Integrity Node Criteria Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 5 Saturday, October 16, 2010

  22. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage Node CV Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  23. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage Node CV Verifies Integrity Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  24. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage Node CV Verifies Integrity Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  25. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage VM Node CV Verifies Integrity Controller Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  26. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage VM Node CV Verifies Integrity Controller Generate VM key pair Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  27. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage VM Node CV Verifies Integrity Controller Generate VM key pair Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

  28. Customers using the CV • CV then vouches for integrity of a VM’s host using a signed public key Storage VM Node CV Verifies Integrity Controller Sign public key Systems and Internet Infrastructure Security Laboratory (SIIS) Page 6 Saturday, October 16, 2010

Recommend

From Trust Anchors to Melt ltdown of f Trust Ahmad-Reza Sadeghi Technische Universitt

From Trust Anchors to Melt ltdown of f Trust Ahmad-Reza Sadeghi Technische Universitt

Hardware-assisted Security: : From Trust Anchors to Melt ltdown of f Trust Ahmad-Reza Sadeghi Technische Universitt Darmstadt & Intel Collaborative Research Institute for Collaborative & Resilient Autonomous Systems His istorical

1.95k views • 178 slides
When you look up into the sky, you will often see clouds. No two clouds are the same, and there

When you look up into the sky, you will often see clouds. No two clouds are the same, and there

When you look up into the sky, you will often see clouds. No two clouds are the same, and there are many different types of clouds. Different kinds of clouds lead to different types of weather. Cirrus clouds are the highest group of clouds that

271 views • 5 slides
Soybean Seeding Trend Analysis February 2020 The Story ry of f Soybean Seeding Rates

Soybean Seeding Trend Analysis February 2020 The Story ry of f Soybean Seeding Rates

Atlantic Grains Council Soybean Seeding Trend Analysis February 2020 The Story ry of f Soybean Seeding Rates Introduction Chapter 1: Plant population Chapter 2: Yield Chapter 3: Previous crop Chapter 4: Seeding equipment

713 views • 27 slides
REVEGETATION REVEGETATION REVEGETATION REVEGETATION SEEDING SEEDING SEEDING SEEDING Or Or

REVEGETATION REVEGETATION REVEGETATION REVEGETATION SEEDING SEEDING SEEDING SEEDING Or Or

REVEGETATION REVEGETATION REVEGETATION REVEGETATION SEEDING SEEDING SEEDING SEEDING Or Or The Art of Greening Up Your Work The Art of Greening Up Your Work Bill Awmack P.Ag . Why Re Why Re - -Seed? Seed? Seed? Why Re Why Re Seed?

586 views • 46 slides
Nominal Anchors in EU-Accession Countries Recent Experiences Michael Frmmel, Universitt

Nominal Anchors in EU-Accession Countries Recent Experiences Michael Frmmel, Universitt

Nominal Anchors in EU-Accession Countries Recent Experiences Michael Frmmel, Universitt Hannover a Franziska Schobert, Deutsche Bundesbank b Abstract: We investigate official and implicit nominal anchors for five Central and Eastern

501 views • 35 slides
Anchors Page 53 Transform the World So When Do You Use Chains? Use Chaining Anchors when the

Anchors Page 53 Transform the World So When Do You Use Chains? Use Chaining Anchors when the

Chaining Anchors Page 53 Transform the World So When Do You Use Chains? Use Chaining Anchors when the undesired state and the desired state are too far apart. Usually when the undesired state is a stuck state where there is no

596 views • 8 slides
USING PAST SEEDING TREATMENTS TO INFORM FUTURE SOURCING IN THE COLORADO PLATEAU ANDREA T.

USING PAST SEEDING TREATMENTS TO INFORM FUTURE SOURCING IN THE COLORADO PLATEAU ANDREA T.

USING PAST SEEDING TREATMENTS TO INFORM FUTURE SOURCING IN THE COLORADO PLATEAU ANDREA T. KRAMER, SHANNON STILL, NORA TALKINGTON, TROY WOOD NATIONAL NATIVE SEED CONFERENCE FEBRUARY 15, 2017 MANY THINGS INFLUENCE SEEDING OUTCOMES Management

385 views • 24 slides
Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra

Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra

Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra Crest Tahoe Winter Snowfall - 2015-2018 Lake Tahoe Basin Snow Water Equivalent by Water Year WY2017 WY2016 median WY2018 74% median WY2015

420 views • 23 slides
Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra

Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra

Tahoe-Truckee Cloud Seeding Project Water Year 2018 1 DRI Cloud seeding generator: on (Sierra Crest Tahoe Winter 2017-2018 (WY2018) Snow Water Equivalent by Month 74% Average WY2018(74%) - Nov (11%), (9%) - Dec (25%),

343 views • 17 slides
Steven Y. Ko (SUNY at Buffalo), Kyungho Jeon (SUNY at Buffalo), Ramses Morales (Xerox Research

Steven Y. Ko (SUNY at Buffalo), Kyungho Jeon (SUNY at Buffalo), Ramses Morales (Xerox Research

Steven Y. Ko (SUNY at Buffalo), Kyungho Jeon (SUNY at Buffalo), Ramses Morales (Xerox Research Center Webster) What if we dont trust clouds? Or more specifically, To what extent can we utilize clouds with partial trust? 2 Some

451 views • 12 slides
K -Medoids for K -Means Seeding James Newling & Franc ois Fleuret Machine Learning Group,

K -Medoids for K -Means Seeding James Newling & Franc ois Fleuret Machine Learning Group,

K -Medoids for K -Means Seeding James Newling & Franc ois Fleuret Machine Learning Group, Idiap Research Institute & EPFL December 5th, 2017 COLE POLYTECHNIQUE FDRALE DE LAUSANNE The standard K -means pipeline First: Seeding.

1.96k views • 8 slides
Idaho Power Companys 2009 Cloud Seeding Program Summary Shaun Parkinson, Ph.D, P.E.

Idaho Power Companys 2009 Cloud Seeding Program Summary Shaun Parkinson, Ph.D, P.E.

An I DACORP Company Idaho Power Companys 2009 Cloud Seeding Program Summary Shaun Parkinson, Ph.D, P.E. Engineering Leader Idaho Powers Cloud Seeding Projects Payette Upper Snake in cooperation with E. Idaho - HCRC&D ldahoPo

264 views • 24 slides
Social Clouds Creating a research agenda Andrew Lippman MIT Media Lab October, 2010 Clouds and

Social Clouds Creating a research agenda Andrew Lippman MIT Media Lab October, 2010 Clouds and

Social Clouds Creating a research agenda Andrew Lippman MIT Media Lab October, 2010 Clouds and Mists: 1 st Cloud Defined by access Familiar as the internet Result of a nexus: PC, backbone, ISPs Web Opened vast doors to creativity Clouds and

592 views • 24 slides
ruth and Consequences: Information T Clouds and Virtualization Assurance Peter Rajnak,

ruth and Consequences: Information T Clouds and Virtualization Assurance Peter Rajnak,

People First, Ministry of Science, Performance Now Technology and Innovation ruth and Consequences: Information T Clouds and Virtualization Assurance Peter Rajnak, Guardtime 14 November 2013 Data trust and Audit Status Quo For 40

673 views • 27 slides
Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM

Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM

Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM Session 3: Hydrology & Clouds 3:00- 5:30 PM Theme: Basically a continuation of climate talks

453 views • 19 slides
Research Update February 2020 In Introduction Soybeans: Seeding Rate, Fungicide and

Research Update February 2020 In Introduction Soybeans: Seeding Rate, Fungicide and

Atlantic Grains Council Research Update February 2020 In Introduction Soybeans: Seeding Rate, Fungicide and Fertility trials Peas: Gypsum and Seeding rate trials Oats: Nitrogen and Fungicide trials Corn: Boron/Sulfur trials in

689 views • 45 slides
What at An Anchors hors for r the e Na Natural ral Ra Rate e of In Inter terest est?

What at An Anchors hors for r the e Na Natural ral Ra Rate e of In Inter terest est?

What at An Anchors hors for r the e Na Natural ral Ra Rate e of In Inter terest est? Claudio audio Borio, io, Piti Disyatat atat and d Phuric icha hai Rungc ngcha haroenk oenkit itku kul 7 September 2018 Federal Reserve

377 views • 21 slides
RESOURCE MANAGEMENT RESOURCE MANAGEMENT STRATEGIES FOR SDR CLOUDS STRATEGIES FOR SDR CLOUDS Vuk

RESOURCE MANAGEMENT RESOURCE MANAGEMENT STRATEGIES FOR SDR CLOUDS STRATEGIES FOR SDR CLOUDS Vuk

Department of Signal Theory and Communications UNIVERSITAT POLITCNICA DE CATALUNYA RESOURCE MANAGEMENT RESOURCE MANAGEMENT STRATEGIES FOR SDR CLOUDS STRATEGIES FOR SDR CLOUDS Vuk Marojevic Ismael Gomez Pere Gilabert Gabriel Montoro

399 views • 27 slides
DNSSEC Trust Anchor Repositories (TAR) Update Russ Mundy Co-Chair DNSSEC Deployment Initiative

DNSSEC Trust Anchor Repositories (TAR) Update Russ Mundy Co-Chair DNSSEC Deployment Initiative

DNSSEC Trust Anchor Repositories (TAR) Update Russ Mundy Co-Chair DNSSEC Deployment Initiative Russ.Mundy@cobham.com / mundy@sparta.com www.dnssec-deployment.org DNSSEC Trust Anchors Starting point for DNSSEC validation Choice of

375 views • 16 slides
Tahoe-Truckee Cloud Seeding Project Preliminary Results Water Year 2018 April 4, 2018 1 DRI

Tahoe-Truckee Cloud Seeding Project Preliminary Results Water Year 2018 April 4, 2018 1 DRI

Tahoe-Truckee Cloud Seeding Project Preliminary Results Water Year 2018 April 4, 2018 1 DRI Cloud seeding generator: on (Sierra Crest Tahoe Winter 2017-2018 Target area Mt Rose SWE (in) Echo Pk SWE (in) 8,800 MSL 7,653 MSL Control

261 views • 13 slides
High Repetition Rate mJ-level Few-Cycle Pulse Laser Amplifier for XUV-FEL seeding . Laser

High Repetition Rate mJ-level Few-Cycle Pulse Laser Amplifier for XUV-FEL seeding . Laser

High Repetition Rate mJ-level Few-Cycle Pulse Laser Amplifier for XUV-FEL seeding . Laser amplifier development: applications at high repetition rate FELs The FLASH-II FEL seeding project Requirements for an XUV seed source and for

603 views • 29 slides
seeding of tissue engineering scaffolds Andreea-Paula ROBU* L cr mioara STOICU-TIVADAR*

seeding of tissue engineering scaffolds Andreea-Paula ROBU* L cr mioara STOICU-TIVADAR*

UNIVERSITY POLITEHNICA TIMISOARA, ROMANIA FACULTY OF AUTOMATION AND COMPUTERS DEPARTMENT OF AUTOMATION AND APPLIED INFORMATICS Computational study of the potential role of chemotaxis in enhancing the cell seeding of tissue engineering scaffolds

262 views • 22 slides
Q-Clouds: Managing Performance Interference Effects for QoS-Aware Clouds Ripal Nathuji Aman

Q-Clouds: Managing Performance Interference Effects for QoS-Aware Clouds Ripal Nathuji Aman

Q-Clouds: Managing Performance Interference Effects for QoS-Aware Clouds Ripal Nathuji Aman Kansal Alireza Ghaffarkhah Presented by Joshua Davis Motivation and Background Cloud computing Off load processing and storage Charged per

549 views • 28 slides
UC SF The Short Neck: What is the Role of Anchors, Chimneys, Z-Fen? Jade S. Hiramoto, MD, MAS

UC SF The Short Neck: What is the Role of Anchors, Chimneys, Z-Fen? Jade S. Hiramoto, MD, MAS

UC SF The Short Neck: What is the Role of Anchors, Chimneys, Z-Fen? Jade S. Hiramoto, MD, MAS UCSF Vascular Symposium April 4, 2019 VASCULAR SURGERY UC SAN FRANCISCO 1 UC SF Disclosures Research support and royalties from Cook,

333 views • 16 slides

More recommend