Institute Hosts CloudTrust Mini Symposium

On Thursday May 10, 2012, the Hariri Institute in collaboration with the RISCS Center at Boston University will be hosting a half-day CloudTrust Mini Symposium — a set of four talks on various aspects of Cloud Computing Security. The Mini Symposium will be held in the Hariri Institute Seminar Room (MCS-180) and is open to the public.

CloudTrust Mini Symposium @ BU

May 10, 2012

Sponsored by the RISCS Center and Hosted at the Hariri Institute at Boston University

Schedule

1:00pm – 1:50pm
Title: Refereed Delegation of Computation
Speaker: Ben Riva, Tel Aviv University

2:00pm – 2:50pm
Title: Anonymous Card Shuffling and its Applications to Parallel Mixnets
Speaker: Michael Goodrich, University of California, Irvine

3:00pm – 3:50pm
Title: Towards a Trustworthy Marketplace for Cloud Resources
Speaker: Azer Bestavros, Boston University

4:00pm – 4:50pm
Title: Participatory Networking – Safely Allowing User-driven Network Management
Speaker: Rodrigo Fonseca, Brown University

Abstracts

Refereed Delegation of Computation (Ben Riva, Tel Aviv University)

The current move to Cloud Computing raises the need for verifiable delegation of computations, where a weak client delegates his computation to a powerful server, while maintaining the ability to verify that the result is correct. Although there are prior solutions to this problem, none of them is yet both general and practical for real-world use. We propose to extend the model as follows. Instead of using one cloud, the client uses two or more different clouds to perform his computation and can verify the correct result of the computation as long as at least one of the clouds is honest. We show a computationally-sound protocol for any efficiently computable function, with logarithmically many rounds, based on any collision-resistant hash family. Our protocol works for essentially any sequential program, and we present an implementation of the protocol, called QUIN, for Windows executables. We describe its architecture and experiment with several parameters on live clouds. We show that the protocol is practical, can work with nowadays clouds, and is efficient both for the servers and for the client. If time permits I’ll also briefly talk about a second result in this model, a 1-round (2-messages) unconditionally-sound protocol for any function computable in log-space uniform NC.

Joint work with Ran Canetti (BU) and Guy Rothblum (Princeton)

Anonymous Card Shuffling and its Applications to Parallel Mixnets (Michael Goodrich, UC Irvine)

We study the question of how to shuffle n cards when faced with an opponent who knows the initial position of all the cards and can track every card when permuted, except when one takes K< n cards at a time and shuffles them in a private buffer “behind your back,”‘ which we call buffer shuffling. The problem arises naturally in the context of parallel mixnet servers as well as other security applications. Our analysis is based on related analyses of load-balancing processes. We include extensions to variations that involve corrupted servers and adversarially injected messages, which correspond to an opponent who can peek at some shuffles in the buffer and who can mark some number of the cards. In addition, our analysis makes novel use of a sum-of-squares metric for anonymity, which leads to improved performance bounds for parallel mixnets and can also be used to bound well-known existing anonymity measures.

Joint work with Michael Mitzenmacher (Harvard)

Towards a Trustworthy Marketplace for Cloud Resources (Azer Bestavros, Boston University)

This talk summarizes research pursued under the BU CloudCommons project, focusing on novel approaches seeking to build trust in the economic utility of IaaS cloud marketplaces. I will start by presenting a model for the  specification of periodic cloud supply and demand. This model allows SLAs to leverage a granular representation of cloud resources, exposing flexibilities that enable providers to safely transform SLAs from one form to another for efficient workload colocation. Next, I will show that such expressive SLAs facilitate the emergence of an efficient marketplace, by presenting two game-theoretic mechanisms for cloud resource management. The first mechanism enables rational, selfish parties to interact in an attempt to minimize the individual costs they incur to secure the shared cloud resources necessary to support their application SLAs. The second mechanism enables dynamic pricing of IaaS clouds in a way that ensures efficient utilization of providers’ resources, while guaranteeing rational fairness to all customers. In addition to various analytical and game-theoretic results, I will present experimental evaluations that quantify the potential utility of these models and mechanisms.

Joint work with Vatche Ishakian (BU), Jorge Londono (U Pontificia Bolivariana), Ray Sweha (BU), and Shanghua Teng (USC).

Participatory Networking – Safely Allowing User-driven Network Management (Rodrigo Fonseca, Brown U)

Current cloud environments have stringent requirements on reconfigurability and security of their networks, as they have to provide to clients the illusion of isolated and elastic networks. Under these conditions, managing these networks with traditional mechanisms such as VLANs and MPLS tunnels is extremely challenging, leading to brittle, static, and ad-hoc solutions. Software-defined networking is an emerging paradigm that provides a programmable, logically centralized abstraction for network control and administration, and offers an attractive alternative which has been gaining traction. In this talk I will present our work on PANE – Participatory Networking – which aims at extending programmatic control of the network to end-users. I will focus on how PANE can be used in a cloud environment to safely delegate control of different aspects of the network to multiple parties, improving the security and configurability of the network.

Joint work with Andrew Ferguson (Brown), Arjun Guha (Brown), and Shriram Krishnamurthi (Brown).

Acknowledgment

Sponsored by the RISCS Center and Hosted at the Hariri Institute at Boston University, The CloudTrust Mini Symposium is part of the annual PI meeting of the NSF-funded collaborative project entitled: “Towards Trustworthy Interactions in the Cloud“, involving researchers from Boston University (Azer Bestavros, Jonathan Appavoo, Leo Reyzin, and Nikos Triandopoulos), Brown University (Roberto Tamassia, Rodrigo Fonseca, and Anna Lysyanskaya), and the University of California, Irvine (Michael Goodrich). For more details, check the project web site.

For more information, please contact Ellen Grady (grady@bu.edu), Associate Director of the RISCS Center.