RestAssured provides a reference architecture for protecting sensitive data and applications in a cloud environment by supplying secure enclaves and sticky policies for data protection that migrate across the cloud with the data. Additionally, the overall security of the end-to-end service is analyzed by models@runtime and risk analysis tools.
The RestAssured solution is a blueprint for both cloud providers, service providers and service developers.
Secure cloud computing is key for business success and end-user adoption of public and hybrid clouds. Currently, however, most service providers would consider it highly risky to process sensitive data on public clouds, due to the vulnerability of attacks leaking data.
However, recent advantages in hardware, such as Intel's SGX (Software Guard Extensions) which provides a secure enclaves for processing data, protecting applications and data against unauthorized access and tampering. RestAssured provides an an architecture and reference implementation based on real-world use cases to not only securely implement cloud-based applications taking advantage of secure enclaves, but to provide enforcement for user/organizational defined policies for access control to sensitive data.
RestAssured as all about the security of data on the cloud. Applications implemented in a RestAssured environment utilize hardware-based secure enclaves to guarantee that the code and data in the enclave cannot be externally accessed or modified.
RestAssured tools will analyze the implementation of a cloud-based service to determine if there are any security vulnerabilities. This will provide a more secure environment for both end-users and service providers on the cloud.