Cloud computing is growing at exponential rates due to its great benefits to virtually all companies relying on IT systems. The biggest concern preventing further cloud adoption is data security and privacy. The main security principle in the design of cloud servers has been virtual isolation, which ignores information leakage through subtle channels shared by the processes running on the same physical hardware.
The goal of this project is to explore side-channel leakage on virtualized machines that form the cloud. By utilizing a cloud testbed, this project explores interactions of the underlying hardware, virtualization platforms, and cryptographic software. A better understanding of side-channel leakages is aiding the design of effective countermeasures. To facilitate effective transition to practice, the project is taking a pragmatic approach by focusing on commonly used cryptographic software libraries, which lie at the heart of virtually any security solution. To address identified weaknesses in existing crypto libraries, countermeasures in the form of patches will be released, ensuring the security of cloud servers.
The project resolves weaknesses in cryptographic software by issuing updates with immediate benefits to virtually all cloud customers. The impact is further amplified by the continuing rapid growth of cloud adoption. By understanding the vulnerabilities in virtualized systems, the project raises awareness in the software security community. By integrating results into existing curricula, the project aids in training future cybersecurity experts at the undergraduate and graduate levels.