Foreign-language conference: ACM symposium on access control models and technologies

Hardware-enhanced Access Control in Cloud Computing

Abstract

Future trustworthy computer systems should provide built-in support for at least the cornerstone security properties of confidentiality, integrity and availability. Access control can help significantly towards achieving this. However, in today's computing landscape, traditional access control implemented only in software may be either insufficient or non-optimal. We discuss some of these situations. Furthermore, fine-grained access control and usage control mechanisms implemented in software are themselves subject to attack, and may impose heavy performance overheads. Can new hardware architecture improve the security achievable by software mechanisms for access control and usage control? If so, what types of hardware support are most useful while retaining the flexibility of software protection mechanisms? What can software do, to help hardware achieve the best results? With the trend towards Cloud Computing, we discuss how new hardware architectural features for cloud servers can help protect the confidentiality and integrity of a cloud customer's code and data in his leased Virtual Machines -- even when the powerful underlying hypervisor may be compromised [1, 2]. This uses a new, non-bypassable form of hardware access control. Without requiring new hardware, we can also leverage the hardware trend towards manycore chips, and the already available hardware virtualization features, to enhance Cloud Security but with a few restrictions and some new software support [3, 4]. In general, we would like to motivate collaborations between the software security and the hardware architecture communities to explore software-hardware co-design for security [5]. What comes beyond access control in cloud computing and mobile computing ecosystems? The goal is to design future trustworthy systems that provide security protections, at the levels needed, when needed, even with malware in the system.