This research studies new mechanisms for enabling the consumer of the service to reduce the visibility of consumer computations to the service provider and thereby reduce the trust that the consumer places in the provider. At the same time, the mechanisms allow security of the cloud computing environment to be monitored by a trusted third party. The work also develops a quantified method to evaluate the degree to which a user's privacy is disclosed and tools for monitoring causality relationships.
Privacy concern is one of the major concerns preventing many users moving to the clouds. The estimated loss of cloud market will be around $35 billions by 2016. One major goal of the project is to enable user-configured privacy protection in cloud computing environments. Encryptions are being widely used to protect users' data in cloud but traditional encryptions does not allow arbitrary processing over encrypted data. Homomorphic encryption allows more processing but the performance is not practical yet. We instead investigated architectural solutions to protect users' privacy in the clouds. The fundamental privacy problem of existing architectures is the privilege design. The cloud administrators are assigned with too much privileges, much more than necessary to manage the clouds. We developed a new architecture using separation-of-privilege design to de-privilege the cloud administrator, such that the cloud administrator cannot look into the resource already allocated to the users. The core design is an access control matrix (ACM) built into the hypervisor. Moreover, we grant user privileges to configure the access to their own spaces. Thus, if a user is willing to, cloud monitoring is also possible, in the space a user implicitly opened to the cloud administrators. We also developed technology to move resource management codes out of the trusted computing base (TCB) of the cloud platform. The technology can help to reduce the TCB and also reduce the attack surface. Through the project, 3 Ph.D. students, 2 M.S. students, and 4 undergraduate students received training. The results of the project, including papers, technical reports, and videos, are all posted on the project website for public accesses.