Idea: Towards an Inverted Cloud

  • Conference paper
Engineering Secure Software and Systems (ESSoS 2015)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8978)

Abstract

In this paper we propose the concept of an inverted cloud infrastructure. The traditional view of a cloud is turned upside down: instead of having services or infrastructure offered by a single provider, the same can be achieved by an aggregation of a multitude of mini providers. Even though the contribution of an individual mini provider in an inverted cloud can be limited, the combination would nevertheless be significant. We propose an architecture for an implementation of an inverted cloud infrastructure to allow mini providers to offer processor time. Security and efficiency can be achieved by building upon Intel’s new SGX technology.




© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Strackx, R., Philippaerts, P., Vogels, F. (2015). Idea: Towards an Inverted Cloud. In: Piessens, F., Caballero, J., Bielova, N. (eds) Engineering Secure Software and Systems. ESSoS 2015. Lecture Notes in Computer Science, vol 8978. Springer, Cham. https://doi.org/10.1007/978-3-319-15618-7_9

  • DOI: https://doi.org/10.1007/978-3-319-15618-7_9

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-15617-0

  • Online ISBN: 978-3-319-15618-7

  • eBook Packages: Computer Science, Computer Science (R0)
