Confidential State Verification for the Delegated Cloud Jobs with Confidential Audit Log

Anyi Liu; Selena Haidar; Yuan Cheng; Yingjiu Li

sesa 19(20): e3

Research Article

Confidential State Verification for the Delegated Cloud Jobs with Confidential Audit Log

Download1075 downloads

Cite: BibTeX Plain Text

@ARTICLE{10.4108/eai.13-7-2018.162290,
    author={Anyi Liu and Selena Haidar and Yuan Cheng and Yingjiu Li},
    title={Confidential State Verification for the Delegated Cloud Jobs with Confidential Audit Log},
    journal={EAI Endorsed Transactions on Security and Safety},
    volume={6},
    number={20},
    publisher={EAI},
    journal_a={SESA},
    year={2019},
    month={4},
    keywords={homomorphic encryption, finite state automaton, virtual machine, container.},
    doi={10.4108/eai.13-7-2018.162290}
}

Anyi Liu
Selena Haidar
Yuan Cheng
Yingjiu Li
Year: 2019
Confidential State Verification for the Delegated Cloud Jobs with Confidential Audit Log
SESA
EAI
DOI: 10.4108/eai.13-7-2018.162290

Anyi Liu¹^,*, Selena Haidar¹, Yuan Cheng², Yingjiu Li³

1: Department of Computer Science and Engineering, Oakland University, 2200 N. Squirrel Road Rochester, MI 48309, USA
2: Department of Computer Science, California State University, Sacramento, 6000 J Street, Sacramento, CA 95819, USA.
3: Singapore Management University, 81 Victoria Street, 188065, Singapore

*Contact email: anyiliu@oakland.edu

Abstract

Cloud computing provides versatile solutions that allow users to delegate their jobs. An apparent limitation of most cloud audit services is that it is difficult for cloud users to tell the state of a delegated job. Although cloud users can provide a user-specified model, the model is susceptible to various exploits. In this paper, we present VERDICT, a system that amplifies the capability of the existing cloud audit services and allows users to check the state of a cloud job through the confidential model and audit log. VERDICT extracts the model from an application and keeps it in the encrypted form. The encrypted model is partitioned and updated with homomorphic encryption cipher in multiple sandboxes. The state of a delegated job can be checked by cloud users at any time. We implement VERDICT and deploy it in the VMs and containers on popular cloud platforms. Our evaluation shows that VERDICT is capable of reporting the state of a cloud job at run time, keeping the model confidential, and detecting malicious operations.

Keywords: homomorphic encryption, finite state automaton, virtual machine, container.

Received: 2019-01-24
Accepted: 2019-04-11
Published: 2019-04-29
Publisher: EAI

: http://dx.doi.org/10.4108/eai.13-7-2018.162290

Copyright © 2019 Anyi Liu et al., licensed to EAI. This is an open access article distributed under the terms of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/), which permits unlimited use, distribution and reproduction in any medium so long as the original work is properly cited.

Confidential State Verification for the Delegated Cloud Jobs with Confidential Audit Log

Abstract

About EAI

Community

Publish with EAI