What is the paper trying to do?
The paper, “Supporting Security Sentitive Tenants in a Bare Metal Cloud”, is trying to present Bolted, an architecture for a bare metal cloud. Bolded is special in that it satisfies the needs of both security sensitive and insensitive tenants; as security sensitive tenants can control their own security and insensitive tenants can use default security.
What do you think is the contribution of the paper? What are its major strengths?
- Allows security sensitive tenants to control their security (assuming physical security and availability is not an issue).
- Does not impose overhead on security insensitive tenants and does not employ extra cost on flexibility and operational efficiency of the provider.
- Eliminate the need to trust the provider to disk scrub via disk-less provisioning.
- “remote attestation”
- allow tenants to inspect source code used to generate the firmware it runs on.
- Performance Evaluation
- Can rapidly set up secure servers with competitive performance (to today’s cloud)
Comments
Post a Comment