Sponsored by National Science Foundation

Cloud Verifier: Verifiable Auditing Service for IaaS Clouds


Visibility and control in Cloud

Cloud computing has revolutionized the way we consume computing resources. Instead of maintaining a locally administered data center, businesses and individuals can simply purchase compute, storage, and network resources on demand from a public cloud utility. While this new model has increased access to affordable resources, it comes with new and challenging security risks. By using remotely administered systems, cloud customers are no longer able to maintain visibility and control over their computing infrastructure.

Without such visibility and control:

Cloud Verifier

Therefore, we proposed the Cloud Verifier, a monitoring framework that provides a complete, correct, accurate and verifiable monitoring service to customers. Customers can leverage such a framework to obtain a correct view of the runtime state of their computing environment and to react promptly when anomalies are detected.

The Cloud Verifier (CV) leverages the cloud's hierarchical structure to build transitive trust, starting at the cloud platform and extending up to the instances themselves. Platform states are monitored by the CV against the cloud administrator's specified criteria, thereby preventing maliciously modified systems from executing customer VMs. From there, cloud customers specify their own requirements, represented as Integrity Criteria, to the CV, which distributes those requirements to an Integrity Verification Proxy (IVP) service on each VM host. The IVP monitors each instance's state to detect changes on the VM or its host that violate those requirements. If the requirements are violated, remediation is performed on the customer's behalf by cutting connections to the problematic instance or rolling it back to a known good state.
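The transitive check described above, as an added illustration that is not the project's own code: the host must satisfy the administrator's platform criteria before the IVP's view of an instance counts, and an instance that violates its customer's Integrity Criteria triggers the chosen remediation. Measurements are modelled as SHA-256 hashes of constructed labels, and the component names are hypothetical.

```python
import hashlib

def measure(label: str) -> str:
    # Stand-in for a TPM/IMA-style measurement: sha256 of a constructed label.
    return hashlib.sha256(label.encode()).hexdigest()

class IntegrityCriteria:
    """Whitelist of acceptable measurements for each monitored component."""
    def __init__(self, allowed: dict):
        self.allowed = allowed  # component -> set of acceptable hashes

    def violations(self, measurements: dict) -> list:
        # A component violates the criteria if it is unmeasured or its
        # measurement is not one of the acceptable values.
        return [c for c, ok in self.allowed.items()
                if measurements.get(c) not in ok]

def verify_instance(platform_criteria, host_meas, customer_criteria, vm_meas,
                    remediation="disconnect") -> dict:
    """Transitive trust: the CV validates the host against the admin's
    criteria first; only then is the IVP's verdict on the instance trusted."""
    host_bad = platform_criteria.violations(host_meas)
    if host_bad:
        # A modified platform must not run customer VMs at all.
        return {"trusted": False, "level": "host", "violations": host_bad,
                "action": "refuse_to_run"}
    vm_bad = customer_criteria.violations(vm_meas)
    if vm_bad:
        # Instance drifted from the customer's criteria: remediate.
        return {"trusted": False, "level": "instance", "violations": vm_bad,
                "action": remediation}
    return {"trusted": True, "level": "instance", "violations": [], "action": None}

# Constructed sample data (hypothetical component names and labels).
PLATFORM = IntegrityCriteria({"hypervisor": {measure("hv-release-good")}})
CUSTOMER = IntegrityCriteria({"kernel": {measure("kernel-good")},
                              "sshd": {measure("sshd-good")}})
GOOD_HOST = {"hypervisor": measure("hv-release-good")}
BAD_HOST = {"hypervisor": measure("hv-modified")}
GOOD_VM = {"kernel": measure("kernel-good"), "sshd": measure("sshd-good")}
TAMPERED_VM = {"kernel": measure("kernel-good"), "sshd": measure("sshd-modified")}

if __name__ == "__main__":
    for name, host, vm in [("clean", GOOD_HOST, GOOD_VM),
                           ("tampered-vm", GOOD_HOST, TAMPERED_VM),
                           ("bad-host", BAD_HOST, GOOD_VM)]:
        print(name, verify_instance(PLATFORM, host, CUSTOMER, vm, "rollback"))
```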

Design Goals

The design of the monitoring framework is guided by the following goals: For how we achieved these goals, see the Publications section.

Publications

Demo