Andrey Brito (Federal University of Campina Grande, Brazil)

CloudScape Brazil, Porto Alegre, RS

July 7th, 2016

Secure Cloud

• Main objectiveImprove confidentiality of programs executed in clouds

• ApproachEvaluate if/how hardware mechanisms in commodity CPUs (esp., Intel SGX) and can be used to protect the confidentiality of programs

2July 7th, 2016 CloudScape Brazil

Confidentiality++

• Ensure confidentiality as well as integrity, consistency and availability of applications

• Protect cloud applications against attacks by– employees of the cloud provider

– other tenants / hackers

– hackers with physical access

• Enable novel applications by removing trust dependency between data providers, application providers and cloud providers

3July 7th, 2016 CloudScape Brazil

Status (Started in January, 1st)

• Porting and deploying commonly and executing software to run inside SGX– MySQL, Memcached, Apache

• Evaluating tradeoffs– Other technologies– Software architectures that enable and facilitate the porting of existing

solutions

• Planning how to integrate with existing cloud management platforms

4July 7th, 2016 CloudScape Brazil

Consortium

5July 7th, 2016 CloudScape Brazil

SecureCloud project is funded by the 3rd EU-Brazil coordinated call within the Horizon

2020 program.

European Commission

Horizon 2020

Brazil

Federal Government

MCTI – RNP – CTIC

Swiss Confederation

State Secretariat for Education,

Research and Innovation

July 7th, 2016 CloudScape Brazil 9

Consortium

UniversidadeFederal deItajubá

CH

CH

IT

IL

DEUK

DK

PB

MG

PR

SP

PR PR

RJ

coordinatorcoordinator

10July 7th, 2016 CloudScape Brazil