EAGER: Holistic Security for Cloud Computing: Verifiable Computation

EAGER：云计算的整体安全性：可验证计算

• 批准号: 1347522
• 负责人: Ran Canetti
• 金额: $ 20万
• 依托单位: Trustees of Boston University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2013
• 资助国家: 美国
• 起止时间: 2013-09-01 至 2016-02-29
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1347522&HistoricalAwards=false
• 关键词: EAGER; Holistic; Security; Cloud; Computing

A basic security concern inherent to outsourced computating services is guaranteeing the integrity of the information received from the cloud. The concern relates both to outsourced data storage and to the results of outsourced computations. There are several aspects to this problem like ensuring software correctness, protecting against intentional deviation and shortcuts, maintaining data provenance, and guaranteeing results of distributed computation from mutually distrusted sources. Moreover, it is not enough to provide separate guarantees on each axis, solutions to these concerns must compose.This proposal concentrates on the design of mechanisms that enable clients to verify the correctness of the results of outsourced computations, authenticity and provenance of remotely stored data, and the combination of the two. Particular emphasis is given to mechanisms that provide composable security guarantees, where one can combine the security properties of several individual mechanisms to a joint, holistic security guarantee, and furthermore make informed and meaningful tradeoffs between performance and verifiability. These new abilities are bound to greatly enhance the acceptance and usefulness of cloud computing, and in particular open it up to new classes of applications and markets.

外包计算服务固有的一个基本安全问题是保证从云接收的信息的完整性。这个问题涉及到外包数据存储和外包计算的结果。这个问题有几个方面，如确保软件正确性，防止故意的偏差和捷径，维护数据来源，并保证分布式计算的结果来自相互不信任的来源。此外，仅在每个轴上提供单独的保证是不够的，这些关注点的解决方案必须组合在一起。这个建议集中于机制的设计，使客户能够验证外包计算结果的正确性、远程存储数据的真实性和来源，以及两者的结合。特别强调提供可组合安全保证的机制，其中可以将几个单独机制的安全属性组合为一个联合的、整体的安全保证，并且进一步在性能和可验证性之间进行明智和有意义的权衡。这些新功能一定会极大地提高云计算的接受度和实用性，特别是将其开放给新类别的应用程序和市场。