Using Trusted Third Parties to build a secure cloud service

On Wednesday 13 April 2016, Professor David Wallom of the Oxford e-Research Centre presented the first public description of the Porridge distributed remote attestation service, which introduces a fundamental change in the customer-provider trust relationship within the cloud.

Widespread adoption of public cloud computing is hindered in some fields by the need for verifiable data privacy and security, since traditional security still requires users to trust their Cloud Service Provider. Trusted Computing provides an alternative: a method whereby the state of a computing system may be recorded and cryptographically verified. The Oxford e-Research Centre and 100PercentIT 'Trusted Cloud' project aims to bring these two technologies together, integrating trusted computing technology into public cloud computing infrastructure to provide verifiable security, privacy and trust. This will be used to develop enhanced product lines and hence attract new customers and will be launched as a commercially available enhanced IaaS service through

The Porridge service uses multiple Trusted Third Parties to build a cryptographically secure and measurable IaaS cloud service. This allows users to know that the cloud configuration they are using is correct and as expected, through a chain of trust running from the hardware of the host to the host hypervisor, their virtual machine and their data. The configuration can be continually checked against a secure, externally hosted reference.

The project, a collaboration between the Oxford e-Research Centre, 100PercentIT and other partners, is supported by Innovate UK under the Knowledge Transfer Partnerships programme.

To find out more about Trusted Computing and Cloud Computing, see Professor Wallom's slides from his presentation at Cloud Security Expo:

Programme for Cloud Security Expo 2016:

Left to right: Anbang Ruan, David Blundell, Michel Drescher and David Wallom