Many enterprises and other organizations need to store and compute on a large amount of data. Cloud computing aims at renting such resources on demand. Today’s cloud providers offer both, highly available storage and massively parallel computing resources with High Performance Computing (HPC) at low costs, as they can share resources among multiple clients.
However, the current cloud computing model comes with perceived risks concerning resilience and privacy. There are three fundamental trends in ICT whose risks mutually reinforce each other:
- the push towards an Internet of Services – most services are provided on the web as a platform;
- cost pressures drive a migration of ICT into so-called Infrastructure clouds;
- growing importance of ICT as the critical “nervous system” for socially relevant “smart” infrastructures – such as healthcare, energy, environmental monitoring, or mobility.
Protecting data and services in the cloud is important to governments,organizations and enterprises across all industries, including healthcare, energy utilities, and banking. Thus, the perceived security and dependability risks of cloud computing are limiting its application.
We tackle these issues by applying known concepts from cryptography and Trusted Computing to the cloud. Our cloud computing research focus is on
- Confidentiality in a multi-tenancy environment (Trusted Virtual Domains, Virtualization security, OS Security, Privacy Attacks)
- Security analysis of existing cloud infrastructures (see AMID)
- Key management in the Cloud (Trusted Computing for managing keys that are not exposed)
- Secure Outsourcing (to untrusted cloud provider)
- Current Projects
- Finalized Projects