Secure Enclaves for REactive Cloud Applications

Rezultaty

Design of system support for secure enclaves (initial)

This deliverable will present the initial design of the SERECA cloud platform architecture (T1.1), the basis for provisioning of secure enclaves in clouds (T1.2), as well as confidential data storage for enclaves (T1.3).

First prototypes of the use case applications

This deliverable will be a report on the developed use cases, describing the architectures of the applications and their dependencies on the underlying SERECA cloud platform. It includes results from T4.1 and T4.2.

First project workshop and tutorial

The first SERECA workshop and tutorial will occur no later than M24. This deliverable will contain a summary of the event.

Design and initial implementation of the management of secure, reactive cloud applications (initial)

This deliverable will report on the initial design regarding the management of SERECA applications (T3.1), the design of three reusable services for secure cloud applications (T3.2) and the security-aware application request handling (T3.5).

Application requirements (initial)

This deliverable will identify all technical application requirements to be implemented by the SERECA platform. It will combine the results of T1.1 and also include the results of T2.1 and T3.1, which investigate the requirements regarding the definition of mechanisms for distributed secure enclaves (WP2) and application management support (WP3). The identified requirements will be validated in the context of WP4.

Release of dissemination and communication instruments: initial press release and media kit

This deliverable encompasses initial press releases and a media kit that includes branding, success stories, project factsheet, and press materials.

Design and initial implementation of the management of secure, reactive cloud applications (updated)

This deliverable will include a revised requirements document for secure application management (T3.1), that of the reusable services for secure cloud applications (T3.2) and the security-aware application request handling (T3.5). It will also contain the requirements for the recovery of secure application state (T3.3) and the geo-local deployment policies for secure reactive cloud applications (T3.4). As a result, it describes the initial prototypes of tasks T3.1, T3.2 and T3.5.

Second project workshop and tutorial

The second SERECA workshop and tutorial will happen between M24 and M36. This deliverable will contain a summary of the event.

Rolling report on dissemination, communication, standardization, and exploitation activities (updated)

This is an updated report of D5.3

Application requirements (final)

This deliverable will identify all technical application requirements to be implemented by the SERECA platform. It will combine the results of T1.1 but also include the results of T2.1 and T3.1, which investigate the requirements regarding the definition of mechanisms for distributed secure enclaves (WP2) and application management support (WP3). The identified requirements will be validated in the context of WP4.

Evaluation report

This deliverable will report the results of the evaluation activity performed in T4.3, T4.4, and T4.5.

Design and implementation of operations on distributed secure enclaves (final)

This deliverable will present the final design of the SERECA operation on secure enclaves. This covers the final implementation and evaluation of all components as described in the task descriptions (T2.1–T2.3).

Design and implementation of System Support for secure enclaves (final)

This deliverable will describe the final design of the SERECA cloud platform architecture. This covers the final implementation and evaluation of all components as described in the task descriptions (T1.1–T1.3).

Design and implementation of the management of secure, reactive cloud applications (final)

This deliverable will present the final design and implementations of tasks T3.1–T3.5.

Up and running, constantly updated web site

This deliverable is the first version of the SERECA web site. Over the course of the project, the web site will be kept updated. A newsletter will be issued every six months and will report updates concerning the project status.

Publikacje

FFQ: A Fast Single-Producer/Multiple-Consumer Concurrent FIFO Queue

Autorzy: Sergei Arnautov, Pascal Felber, Christof Fetzer, Bohdan Trach
Opublikowane w: 2017 IEEE International Parallel and Distributed Processing Symposium (IPDPS), 2017, Strona(/y) 907-916, ISBN 978-1-5386-3914-6
Wydawca: IEEE
DOI: 10.1109/IPDPS.2017.41

SGXBOUNDS - Memory Safety for Shielded Execution

Autorzy: Dmitrii Kuvaiskii, Oleksii Oleksenko, Sergei Arnautov, Bohdan Trach, Pramod Bhatotia, Pascal Felber, Christof Fetzer
Opublikowane w: Proceedings of the Twelfth European Conference on Computer Systems - EuroSys '17, 2017, Strona(/y) 205-221, ISBN 9781-450349383
Wydawca: ACM Press
DOI: 10.1145/3064176.3064192

ShieldBox: Secure Middleboxes using Shielded Execution

Autorzy: Bohdan Trach, Alfred Krohmer, Franz Gregor, and Sergei Arnautov, Pramod Bhatotia, Christof Fetzer
Opublikowane w: Proceedings of Open Networking Summit North America 2018, 2018
Wydawca: SOSR

High Performance Secure Network Appliances

Autorzy: Bohdan Trach, Alfred Krohmer, Franz Gregor, and Sergei Arnautov, Pramod Bhatotia , Christof Fetzer
Opublikowane w: Proceedings of ACM SOSR 2018 (Symposium on SDN Research), 2018
Wydawca: ACM

Glamdring: Automatic application partitioning for Intel SGX

Autorzy: Joshua Lind, Christian Priebe, Divya Muthukumaran, Dan O'Keeffe, Pierre-Louis Aublin, Florian Kelbert, Tobias Reiher, David Goltzsche, David Eyers, Ruediger Kapitza, Christof Fetzer, and Peter Pietzuch
Opublikowane w: Proceedings of the USENIX ATC 2017, 2017
Wydawca: USENIX

TrApps - Secure Compartments in the Evil Cloud

Autorzy: Stefan Brenner, David Goltzsche, Rüdiger Kapitza
Opublikowane w: Proceedings of the 1st International Workshop on Security and Dependability of Multi-Domain Infrastructures - XDOMO'17, 2017, Strona(/y) 1-6, ISBN 9781-450349376
Wydawca: ACM Press
DOI: 10.1145/3071064.3071069

LibSEAL: Revealing Service Integrity Violations Using Trusted Execution

Autorzy: Pierre-Louis Aublin, Florian Kelbert, Dan O'Keeffe, Divya Muthukumaran, Christian Priebe, Joshua Lind, Robert Krahn, Christof Fetzer, David Eyers, Peter Pietzuch
Opublikowane w: Proceedings of the 13th European Conference on Computer Systems, 2018
Wydawca: EuroSys2017
DOI: 10.1145/3190508.3190547

PESOS: Policy Enhanced Secure Object Store

Autorzy: Robert Krahn, Bohdan Trach, Anjo Vahldiek-Oberwagner, Thomas Knauth, Pramod Bhatotia, Christof Fetzer
Opublikowane w: Proceedings of the EuroSys 2018, 2018
Wydawca: ACM
DOI: 10.1145/3190508.3190518

Secure Cloud Micro Services using Intel SGX

Autorzy: Stefan Brenner, Tobias Hundt, Giovanni Mazzeo, Rüdiger Kapitza
Opublikowane w: 2017, Strona(/y) 177-191
Wydawca: Springer International Publishing
DOI: 10.1007/978-3-319-59665-5_13

Integrating Reactive Cloud Applications in SERECA

Autorzy: Christof Fetzer, Giovanni Mazzeo, John Oliver, Luigi Romano, Martijn Verburg
Opublikowane w: Proceedings of the 12th International Conference on Availability, Reliability and Security - ARES '17, 2017, Strona(/y) 1-8, ISBN 9781-450352574
Wydawca: ACM Press
DOI: 10.1145/3098954.3105820

A Secure Cloud-Based SCADA Application: the Use Case of a Water Supply Network

Autorzy: Mazzeo, Giovanni; Cerullo, Gianfranco; Papale, Gaetano; Sgaglione, Luigi; Cristaldi, Rosario
Opublikowane w: Numer 2, 2016
Wydawca: IOS Press
DOI: 10.3233/978-1-61499-674-3-291

Rezultaty

Publikacje

Udostępnij tę stronę

Pobierz