Execution Environments for Running Legacy Applications in Multi-Party Trust Settings
| dc.contributor.advisor | Levin, Dave | en_US |
| dc.contributor.author | Herwig, Stephen Mark | en_US |
| dc.contributor.department | Computer Science | en_US |
| dc.contributor.publisher | Digital Repository at the University of Maryland | en_US |
| dc.contributor.publisher | University of Maryland (College Park, Md.) | en_US |
| dc.date.accessioned | 2021-09-22T05:35:46Z | |
| dc.date.available | 2021-09-22T05:35:46Z | |
| dc.date.issued | 2021 | en_US |
| dc.description.abstract | Applications often assume that the same party owns all of the application’s resources, and that these resources require the same level of privacy. This assumption no longer holds when organizations outsource applications to a third-party cloud, or when the application requires access to not only public content, but private configuration, such as authentication and keying material. The result of this broken assumption is that applications either must be re-written to accommodate each new security posture, or used as-is, accepting that one party exposes private data to another. In this dissertation, I argue the following thesis: it is possible to run legacy application binaries with confidentiality and integrity guarantees that reflect a multi-party trust setting. I support this thesis through the design, implementation, and evaluation of two distinct application-level virtualization layers that handle trust concerns on behalf of the application: conclaves and SecureMigration. Conclaves assume the availability of Intel SGX secure hardware enclaves and extend prior work in developing runtimes that execute legacy applications within an enclave. In contrast, SecureMigration does not use secure hardware, but rather composes information flow control with process migration to execute a process across multiple physical machines owned and operated by distinct principals, while shielding each principal’s sensitive portion of the process from its peers. | en_US |
| dc.identifier | https://doi.org/10.13016/ygsx-zja9 | |
| dc.identifier.uri | http://hdl.handle.net/1903/27943 | |
| dc.language.iso | en | en_US |
| dc.subject.pqcontrolled | Computer science | en_US |
| dc.subject.pquncontrolled | Intel SGX | en_US |
| dc.subject.pquncontrolled | Secure remote computation | en_US |
| dc.subject.pquncontrolled | Virtualization | en_US |
| dc.title | Execution Environments for Running Legacy Applications in Multi-Party Trust Settings | en_US |
| dc.type | Dissertation | en_US |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Herwig_umd_0117E_21927.pdf
- Size:
- 798.01 KB
- Format:
- Adobe Portable Document Format