Association for Computing Machinery
Malicious insiders are a substantial risk for today's cloud computing infrastructures. A single malicious cloud administrator can eavesdrop or damage business-critical or personally identifiable information and computations of thousands of cloud customers. To protect cloud users against such insiders, the authors propose a novel approach that enables a security team to protect privacy and integrity of cloud users' workloads against attacks by system administrators during operation and maintenance. They achieve this by managing the privileges of administrators during operation and maintenance while re-establishing the security of a compute node once administration is completed. By default, administrators' access to cloud servers is disabled since cloud operation is automated.