1 research outputs found
Sealed Computation: Abstract Requirements for Mechanisms to Support Trustworthy Cloud Computing
In cloud computing, data processing is delegated to a remote party for
efficiency and flexibility reasons. A practical user requirement usually is
that the confidentiality and integrity of data processing needs to be
protected. In the common scenarios of cloud computing today, this can only be
achieved by assuming that the remote party does not in any form act
maliciously. In this paper, we propose an approach that avoids having to trust
a single entity. Our approach is based on two concepts: (1) the technical
abstraction of sealed computation, i.e., a technical mechanism to confine the
processing of data within a tamper-proof hardware container, and (2) the
additional role of an auditing party that itself cannot add functionality to
the system but is able to check whether the system (including the mechanism for
sealed computation) works as expected. We discuss the abstract technical and
procedural requirements of these concepts and explain how they can be applied
in practice