Confidential State Verification for the Delegated Cloud Jobs with Confidential Audit Log

Authors

DOI:

https://doi.org/10.4108/eai.13-7-2018.162290

Keywords:

homomorphic encryption, finite state automaton, virtual machine, container

Abstract

Cloud computing provides versatile solutions that allow users to delegate their jobs. An apparent limitation of most cloud audit services is that it is difficult for cloud users to tell the state of a delegated job. Although cloud users can provide a user-specified model, the model is susceptible to various exploits. In this paper, we present VERDICT, a system that amplifies the capability of the existing cloud audit services and allows users to check the state of a cloud job through the confidential model and audit log. VERDICT extracts the model from an application and keeps it in the encrypted form. The encrypted model is partitioned and updated with homomorphic encryption cipher in multiple sandboxes. The state of a delegated job can be checked by cloud users at any time. We implement VERDICT and deploy it in the VMs and containers on popular cloud platforms. Our evaluation shows that VERDICT is capable of reporting the state of a cloud job at run time, keeping the model confidential, and detecting malicious operations.

Downloads

Published

29-04-2019

How to Cite

Liu, A. ., Haidar, S. ., Cheng, Y. ., & Li, Y. . (2019). Confidential State Verification for the Delegated Cloud Jobs with Confidential Audit Log. EAI Endorsed Transactions on Security and Safety, 6(20), e3. https://doi.org/10.4108/eai.13-7-2018.162290

Funding data