University of Calgary
Applications running in a cloud data center face several challenges, including secure deployment, insider attacks, and cryptographic key management. Previous research shows how to securely start and run individual programs using the Trusted Platform Module or other secure co-processors, but none of that work solves the end-to-end problem of deploying and gaining assurance in distributed applications running on third-party hardware. Moreover, key management in existing systems often requires trust in potentially untrustworthy certificate authorities. CloudProxy is a new framework that provides secure deployment of applications to the cloud, defends against insider attacks, and provides protocols for automatic key management.