UCF Collaborates with Ohio State in Study to Improve Cloud Computing The new technology examined aims to provide privacy of comp
New technology intended to improve the security of cloud computing may still be vulnerable to attacks, according to a new study co-authored by a University of Central Florida researcher.
Some of the vulnerabilities were detailed in a research presentation at the USENIX Security Symposium on Aug. 15, in Santa Clara, California.
The study examined processor manufacturer AMD’s Secure Encrypted Virtualization technology, a new advancement, which aims to provide privacy of computation and data in public clouds without needing to trust the cloud service providers and their software so users can experience confidential cloud computing.
“The goal is to essentially say, ‘Hey you don’t have to trust the cloud computing companies, you can just trust the processor,’” said Yan Solihin, a professor in UCF’s Department of Computer Science who helped co-author the study. “That’s the promise. What we show in the paper is it’s not easy to get to that promise.”
The lead author of the research paper was Mengyuan Li, a doctoral student in The Ohio State University’s Department of Computer Science and Engineering. Co-authors also included Zhiqiang Lin and Yinqian Zhang, associate professors in the university’s Department of Computer Science and Engineering.
The team worked together to discover the vulnerability and demonstrate the proof-of-concept attacks successfully in a lab setting.
“My student, Mengyuan, put quite a lot of effort in this work,” Zhang said.
Other computer processor companies, such as Intel, also offer similar environments that are walled off from the cloud computing service. AMD’s processor is unique, however, because it encrypts the entire memory, unlike other processors, where only portions of the memory are encrypted at a time.
This is an added security feature, but also means that the processor is reliant on input and output messages with the cloud computer software, rather than dedicating a portion of encrypted memory for that. It’s in these incoming and outgoing communications where the vulnerabilities lay, the researchers said.
Other researchers have reported the memory-integrity problems in the processor in the past, but this study was the first to report the vulnerabilities in the input and output operations, along with resulting other problems.
Despite evolving research to improve the security of cloud computing, using those services can be economically beneficial for users and businesses and may even be more secure for businesses that do not have the resources to hire information technology specialists to manage and safeguard their systems, Solihin said.
“There are risks with putting your information in the cloud, but there are benefits as well,” Solihin said. “You have to consider that. There are a lot of efforts to make your data secure.”
The technology from AMD analyzed in the research is still new and not widely deployed, Zhang said. The results of the research have also been relayed to AMD to help them implement fixes in future versions of their processor.
“I think we are still in the process for this technology to become mature,” Zhang said. “The purpose of this study is to inform the vendors to build trusted execution environments to support this secure cloud operation you at least have to consider these types of attacks.’”
Solihin is the director of UCF’s Cybersecurity and Privacy Cluster, and the Charles Millican chair of computer science at UCF. He joined UCF in 2018.
The research was supported by National Science Foundation grants, research gifts from Intel and DFINITY as well as from funding from UCF.
Share This Article
UCF Student Research Week 2023 Kicks Off with the Academic Exhibition of the Year
UCF students will share their findings with the university community during Student Research Week, March 27-31. Compiling and condensing all their work on one poster each, students will present their work...
UCF Graduate Dean’s Dissertation Completion Fellowship Drives Excellence, Provides Aid
As the cost of living has risen dramatically over the past several years, financial assistance has become a vital component of student success. There is no doubt that completing a...
UCF Postdoctoral Scholar Draws on Her Island Roots to Champion for Marginalized Populations
Makella Coudray is passionate about advocating for disadvantaged groups. “I personally like championing causes for those that society may overlook, and I try to do that through my work,” she...
UCF Researchers Work to Reduce the Amount of Precious Metals in Catalytic Converters
The precious metals, such as platinum, palladium and rhodium, in catalytic converters make the vehicle devices attractive to thieves, but University of Central Florida researchers are working to reduce the...
UCF Researcher Receives Samsung International Global Research Outreach Award
Debashis Chanda, a professor in UCF’s NanoScience Technology Center, recently received Samsung’s International Global Research Outreach Award for the year 2022 in the Future Camera and Sensor category. This is...