Secure Cloud Computing on Many-core Architectures
Cloud computing is a disruptive trend that is changing the way we use computers, by providing elastic computing resources on demand. The convenience and cost savings of cloud computing unfortunately also come with serious security and privacy concerns. Professor Ruby Lee and her students in the Princeton Architecture Lab for Multimedia and Security (PALMS) study hardware-enhanced security for cloud computing. This includes research on more secure server and client architectures, trustworthy hardware-software system architectures, secure manycore processor chip architecture, secure virtualization architecture, secure storage and networking for virtual machines (VMs) hosted by cloud providers, e.g. infrastructure-as-a-service (IaaS) providers, and secure client platforms. The goal is to make execution in the cloud at least as secure as in one's own office.
An initial system architecture called NoHype was received with great interest by the community and selected as an Out-of-Box paper at the International Symposium on Computer Architecture (ISCA 2010). NoHype is joint work between Prof. Lee's and Prof. Rexford’s groups in the ELE and COS departments. In NoHype, the hypervisor (virtualization layer) is removed during VM execution, so that an active VM runs on bare hardware -- hence the name “NoHype”. The key features needed for multi-tenancy of VMs in IaaS servers are still provided, with a few restrictions, while the attack surface is significantly reduced, making cloud computing more secure. Ongoing work includes prototyping NoHype by stripping the Xen hypervisor, while using state-of-the-art hardware virtualization features on an Intel multicore system. New research includes designing new architectures that protect the confidentiality, integrity and availability of a customer’s virtual machines against a potentially compromised commodity hypervisor. PALMS also looks at providing an architecture for “self-protecting data”, which allows applications to process sensitive data such as electronic medical records without leaking that data or breaching its access control policies.