This Small Business Innovation Research Phase I project will design and build SecureVault, a technology platform that allows cloud infrastructures to run clients' tasks with full computation privacy. The cloud provider itself is unable to access customers' workloads, even in the presence of malicious direct physical access to the hardware. SecureVault significantly increases cloud defense capabilities and provides strong computation privacy and regulatory compliance guarantees to any regulatory- and security-sensitive customers. SecureVault achieves this by (i) endowing a traditional infrastructure with a collaborative security layer of active transparent defense and control, a cloud "immune system", and (ii) new mechanisms that allow full computation privacy for outsourced tasks. The immune system has its own control network and can instantly share critical information and react independently for meaningful operation and fast recovery even under sustained attack and severe compromise. It also transparently monitors and accesses the server runtimes and can strongly react and immediately present a united defense across the entire cloud. Moreover, inherent privacy and confidentiality assurances allow SecureVault clouds to safely execute computation and host data with full security, even in the case of a compromised curious service provider with full physical access to the infrastructure.

The broader impact/commercial potential of this project will manifest itself in all dimensions of our increasingly internet- and cloud-reliant society and technology. Because clouds introduce significant risks, technology-backed comprehensive security and privacy assurances are essential to establish cloud computing as a truly viable alternative to in-house IT. Unfortunately, these guarantees are not achievable with any of today's offerings or research efforts, despite being direly needed by all major potential cloud adopters, including financial, governmental and healthcare markets, which are heavily governed by security, regulatory compliance and intellectual property constraints. As a result, rather than risk regulatory compliance breaches and unauthorized access to proprietary business logic, these major markets have simply not adopted the cloud. Countless surveys consistently identify security and privacy as the top concern preventing adoption, and markets have reacted with strong reservations. In a recent ISACA survey, 45% of over 1,800 corporate IT decision makers affirmed that cloud risks outweigh benefits. SecureVault is a disruptive technology that will bridge this gap and make cloud adoption secure and attractive in all these markets. As a result, it will lead to exponential cross-market growth. Finally, enabling cloud deployment with full computation privacy, regulatory compliance and data confidentiality will significantly increase enterprise agility and competitiveness.

Project Report

This Small Business Innovation Research Phase I project has designed and built key prototype components of SecureVault, a technology platform that allows cloud infrastructures to run clients' tasks with full computation privacy. The cloud provider itself is unable to access customers' workloads, even in the presence of malicious insiders. SecureVault significantly increases cloud defense capabilities and provides strong computation privacy and regulatory compliance guarantees to any regulatory- and security-sensitive customers. The broader impact/commercial potential of this project will manifest itself in all dimensions of our increasingly internet- and cloud-reliant society and technology. Because clouds introduce significant risks, technology-backed comprehensive security and privacy assurances are essential to establish cloud computing as a truly viable alternative to in-house IT. Unfortunately, these guarantees are not achievable with any of today's offerings or research efforts, despite being direly needed by all major potential cloud adopters, including financial, governmental and healthcare markets, which are heavily governed by security, regulatory compliance and intellectual property constraints. As a result, rather than risk regulatory compliance breaches and unauthorized access to proprietary business logic, these major markets have simply not adopted the cloud. Countless surveys consistently identify security and privacy as the top concern preventing adoption, and markets have reacted with strong reservations. In a recent ISACA survey, 45% of over 1,800 corporate IT decision makers affirmed that cloud risks outweigh benefits. SecureVault is a disruptive technology that will bridge this gap and make cloud adoption secure and attractive in all these markets. As a result, it will lead to exponential cross-market growth.
Finally, enabling cloud deployment with full computation privacy, regulatory compliance and data confidentiality will significantly increase enterprise agility and competitiveness. The Phase I project has been extremely successful, and all milestones and goals have been successfully accomplished or exceeded. This work has set up excellent foundations for the Phase II effort.

Agency
National Science Foundation (NSF)
Institute
Division of Industrial Innovation and Partnerships (IIP)
Type
Standard Grant (Standard)
Application #
1212631
Program Officer
Muralidharan Nair
Project Start
Project End
Budget Start
2012-07-01
Budget End
2013-06-30
Support Year
Fiscal Year
2012
Total Cost
$179,995
Indirect Cost
Name
Private Machines Inc.
Department
Type
DUNS #
City
Brooklyn
State
NY
Country
United States
Zip Code
11232