Today we discuss the paper "Shielding applications from an untrusted cloud with Haven," written by Andrew Baumann, Marcus Peinado, and Galen Hunt. This paper focuses on a concept called "shielded execution", which protects the confidentiality and integrity of a program as well as the associated data from the platform on which it runs - the cloud operator's operating system, administrative software and firmware. The researchers' prototype, Haven, represents the first system that can achieve shielded execution of unmodified legacy applications on a commodity operating system and commodity hardware. The authors state that with Haven, applications can store data and perform computations with equivalent trust to local computing. This gives privacy from the cloud provider's staff and legal authorities.
In the old days, a database server would store the top-secret data and the operating system would host the runtime, both protected by a firewall. With these moving to the cloud, the data and the runtime can be compromised. Therefore applications running with SQL or Apache, along with their bugs, should be able to run privately in an untrusted cloud on commodity hardware. The vulnerability with the cloud is that the application, operating system, hypervisor, firmware/bootloader, management tools or people, and law enforcement are trusted in that order. This is a hierarchical security model, and any data can be observed or modified even if it is encrypted on disk or on the network. Although the protection technique involves older concepts such as sandboxing, the host is assumed to be malicious, and even so the application program doesn't require modification.
#interview question
There is a hat with W white balls and B black balls. The audience can draw two balls at a time and return one white ball if the colors are the same, or return one black ball otherwise. In the end only one ball remains in the hat and we have to guess the color.
Answer: Per the question, the audience is left with one black ball when she draws two blacks or she is left with a white ball. Similarly, the hat loses a white ball when one is returned or an unknown otherwise. The trick here is that each color has equal likelihood of leaving the hat, so double the smaller number of W or B will be lost anyway. Then because the colors will remain the same, only one of that color will remain. This works as long as W and B are not equal.