SecureCloud: Secure Big Data Processing in Untrusted Clouds

Florian Kelbert1,a, Franz Gregor2,c, Rafael Pires3,f, Stefan Köpsell2,d, Marcelo Pasin3,g, Aurélien Havet3,h, Valerio Schiavoni3,i, Pascal Felber3,j, Christof Fetzer2,e and Peter Pietzuch1,b
1Imperial College London, United Kingdom.
afkelbert@imperial.ac.uk
bprp@imperial.ac.uk
2TU Dresden, Germany.
cfranz.gregor@tu-dresden.de
dstefan.kopsell@tu-dresden.de
echristof.fetzer@tu-dresden.de
3University of Neuchatel, Switzerland.
frafael.pires@unine.ch
gmarcelo.pasin@unine.ch
haurelien.havet@unine.ch
ivalerio.schiavoni@unine.ch
jpascal.felber@unine.ch

ABSTRACT


We present the SecureCloud EU Horizon 2020 project, whose goal is to enable new big data applications that use sensitive data in the cloud without compromising data security and privacy. For this, SecureCloud designs and develops a layered architecture that allows for (i) the secure creation and deployment of secure micro-services; (ii) the secure integration of individual micro-services to full-fledged big data applications; and (iii) the secure execution of these applications within untrusted cloud environments. To provide security guarantees, SecureCloud leverages novel security mechanisms present in recent commodity CPUs, in particular, Intel's Software Guard Extensions (SGX). SecureCloud applies this architecture to big data applications in the context of smart grids. We describe the SecureCloud approach, initial results, and considered use cases.



Full Text (PDF)