Privacy-Preserving Virtual Machine
Tianlin Li*, Yaohui Hu*, Ping Yang, Kartik Gopalan
Dept. of Computer Science, Binghamton University, Binghamton, NY, 13902
tli16@binghamton.edu, yhu15@binghamton.edu, pyang@binghamton.edu, kartik@binghamton.edu

ABSTRACT

Cloud computing systems routinely process users' confidential data, but the underlying virtualization software in use today is not constructed to minimize the exposure of such data. For instance, virtual machine (VM) checkpointing can drastically prolong the lifetime and vulnerability of confidential data without users' knowledge by storing such data as part of a persistent snapshot. A key requirement for minimizing the exposure of any data is the ability to cleanly isolate such data for either exclusion or processing. Traditional mechanisms for memory taint tracking are expensive, whereas those for isolating application footprint in VM-based sandboxes are not transparent.

1. INTRODUCTION

Modern cloud platforms increasingly process and store users' confidential data, such as passwords, financial information, health records, lawyer-client correspondence, and other personally identifying information. When using such cloud services, users have certain implicit expectations of data privacy, whether or not it is explicitly guaranteed by the cloud provider. Users may expect that their confidential information will not be stored beyond its useful lifetime; for example, credit card numbers will be forgotten after a successful transaction (unless explicitly authorized by the user), and passwords will not be stored in decrypted form except in mem-