TRESCCA - TRustworthy Embedded Systems for Secure Cloud Computing Applications
The TRESCCA project aims to lay the foundations of a secure and trustable cloud platform by ensuring strong logical and physical security on the edge devices, using both hardware security and virtualization techniques while considering the whole cloud architecture. The project will propose and demonstrate hardware/software solutions allowing stakeholders to delegate the processing of their sensitive data to a remote processing engine, opening up a whole new field of cloud services and applications. The approach avoids undesirable paradigm shifts, both in the software and in the hardware, by complementing existing legacy solutions with non-intrusive add-ons. Security is a main concern, but cost, performance and acceptability will also be considered as key metrics. In order to promote the solutions and to challenge them against security experts, openness will be an important characteristic of the project. As much as possible of the project's outcomes will be public and released under free software licenses.
The security objective is to protect the integrity and confidentiality of sensitive software applications against two kinds of adversaries:
- Logical adversaries such as rogue applications: viruses, Trojan horses or even applications launched by the end user herself.
- Physical adversaries like the end users themselves, with complete physical access to the system. They can, for instance, probe the bus between the SoC and its external memory. They can use any such board-level attack that probes, spies on or tampers with any communication link between the components of the device.
Protection against logical adversaries will rely on virtualization techniques, while board-level physical attacks will be prevented by encryption and integrity checking of inputs and outputs. Both techniques will be implemented as a combination of software and hardware, and they will be tightly coupled. Thanks to the proposed generic architecture, it will be possible to protect a sensitive software kernel against classical hacking techniques, jailbreaking, mod-chips, etc.
End users are currently integrated into cloud ecosystems only as information consumers or data submitters, in a nearly device-independent way. Providers do not intend a deeper integration because of the perceived lack of trust between both sides, especially where the cloud provider has to trust the client side.
TRESCCA will bridge this evolution gap in cloud services by offering the cooperation of different cloud ecosystems, including the end user as a trusted instance with its secured client platform. Furthermore, TRESCCA will allow complex processing of critical data in a fully user-transparent manner, without the need to centrally store this information. Such cloud-based application architectures will have a tremendous trust advantage compared to services. Current solutions and applications that use centralized databases may store critical information and so present an attractive attack point (such as huge databases storing credit card information).
Eventually, TRESCCA will show that information pools are not needed anymore. They will be replaced by transparent data processing and by secure end-user data integration.