Chapter

Secure Cloud Computing

pp 95-121

Proof of Isolation for Cloud Storage

  • Zhan Wang (email author), affiliated with State Key Laboratory of Information Security, Institute of Information Security, Chinese Academy of Sciences
  • Kun Sun, affiliated with Center for Secure Information Systems, George Mason University
  • Sushil Jajodia, affiliated with Center for Secure Information Systems, George Mason University
  • Jiwu Jing, affiliated with State Key Laboratory of Information Security, Institute of Information Security, Chinese Academy of Sciences


Abstract

Cloud services help users reduce operational costs by sharing hardware resources across multiple tenants. However, because the physical resources are shared, malicious users can build covert channels to leak sensitive information (e.g., encryption keys) between co-resident tenants. Cloud service providers have proposed to mitigate these concerns by offering physically isolated resources; however, cloud users have no way to verify the actual configuration and level of the resource isolation. To increase the observability of disk storage isolation, we introduce two Proof of Isolation (PoI) schemes that enable cloud users to verify separated disk storage and dedicated disk storage, respectively. Our experimental results show that our PoI schemes are practical in both private and public cloud environments.