Filters








2,270 Hits in 4.5 sec

Model Checking Boot Code from AWS Data Centers [chapter]

Byron Cook, Kareem Khazem, Daniel Kroening, Serdar Tasiran, Michael Tautschnig, Mark R. Tuttle
2018 Lecture Notes in Computer Science  
We have proved that the initial boot code running in data centers at Amazon Web Services is memory safe, an essential step in establishing the security of any data center.  ...  This paper describes our experience with symbolic model checking in an industrial setting.  ...  Introduction Boot code is the first code to run in a data center; thus, the security of a data center depends on the security of the boot code.  ... 
doi:10.1007/978-3-319-96142-2_28 fatcat:33kkqaeezbdehpikxihtzrzez4

Model checking boot code from AWS data centers

Byron Cook, Kareem Khazem, Daniel Kroening, Serdar Tasiran, Michael Tautschnig, Mark R. Tuttle
2020 Formal methods in system design  
We have proved that the initial boot code running in data centers at Amazon Web Services is memory safe, an essential step in establishing the security of any data center.  ...  This paper describes our experience with symbolic model checking in an industrial setting.  ...  Introduction Boot code is the first code to run in a data center; thus, the security of a data center depends on the security of the boot code.  ... 
doi:10.1007/s10703-020-00344-2 fatcat:lx63mgkbyja3bfsfafo7h4s65i

A Systematic Study of Micro Service Architecture Evolution and their Deployment Patterns

Chaitanya K.
2018 International Journal of Computer Applications  
The VM can be in the data center or in the public cloud. The containers can be self-managed or orchestrated. The orchestration can be done by the cloud provider or a third-party software.  ...  This research paper illustrates (1) the journey of architectural design patterns from SOA to MSA, by citing the related work and the reasons for evolution. (2) various deployment models available for MSA  ...  center deployment model.  ... 
doi:10.5120/ijca2018918153 fatcat:2vo7sgdllzapxj3xqlmiyol2hm

Code-level model checking in the software development workflow

Nathan Chong, Byron Cook, Konstantinos Kallas, Kareem Khazem, Felipe R. Monteiro, Daniel Schwartz-Narbonne, Serdar Tasiran, Michael Tautschnig, Mark R. Tuttle
2020 Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Software Engineering in Practice  
Lessons learned are drawn from proving properties of numerous C-based systems, e.g., custom hypervisors, encryption code, boot loaders, and an IoT operating system.  ...  This experience report describes a style of applying symbolic model checking developed over the course of four years at Amazon Web Services (AWS).  ...  BACKGROUND The focus of our work is the foundational security of software running in AWS data centers, SDKs, and devices.  ... 
doi:10.1145/3377813.3381347 dblp:conf/icse/ChongCKKMSTTT20 fatcat:hu6kttl6azbc5bjdpjggyibxki

Code‐level model checking in the software development workflow at Amazon Web Services

Nathan Chong, Byron Cook, Jonathan Eidelman, Konstantinos Kallas, Kareem Khazem, Felipe R. Monteiro, Daniel Schwartz‐Narbonne, Serdar Tasiran, Michael Tautschnig, Mark R. Tuttle
2021 Software, Practice & Experience  
This article describes a style of applying symbolic model checking developed over the course of four years at Amazon Web Services (AWS).  ...  Lessons learned are drawn from proving properties of numerous C-based systems, for example, custom hypervisors, encryption code, boot loaders, and an IoT operating system.  ...  Code-level model checking in the software development workflow at Amazon Web Services.  ... 
doi:10.1002/spe.2949 fatcat:3sirdpatwbdxvkard4fghvs3l4

Web Services using Cloud as a Platform

R. Arpitha
2018 International Journal for Research in Applied Science and Engineering Technology  
The goal of this paper is to give a general summary of the AWS internet services and additionally some others services offered by Google company-Google App Engine, IBM-Microsoft Azure.  ...  provides various edges like simplicity and lower prices, virtually unlimited storage, least maintenance, simple utilization, backup and recovery, continuous accessibility, quality of service, machine-driven code  ...  SaaS model provides the code applications as a service.  ... 
doi:10.22214/ijraset.2018.5390 fatcat:femkwzucfbfzdaskjlzg2f2zdy

Formal Reasoning About the Security of Amazon Web Services [chapter]

Byron Cook
2018 Lecture Notes in Computer Science  
We report on the development and use of formal verification tools within Amazon Web Services (AWS) to increase the security assurance of its cloud infrastructure and to help customers secure themselves  ...  For example, changes to CBMC [2] facilitate its application to C-based systems at the bottom of the compute stack used in AWS data centers [27] .  ...  The application security review process used within AWS increasingly involves the use of deductive theorem proving and/or symbolic model checking to establish important temporal properties of the software  ... 
doi:10.1007/978-3-319-96145-3_3 fatcat:satz32czevf3djxace2gshftfe

A high performance scientific cloud computing environment for materials simulations

K. Jorissen, F.D. Vila, J.J. Rehr
2012 Computer Physics Communications  
To facilitate code execution and provide user-friendly access, we have also integrated cloud computing capability in a JAVA-based GUI.  ...  provides automatic creation of virtual clusters for parallel computing, including tools for execution and monitoring performance, as well as efficient I/O utilities that enable seamless connections to and from  ...  We especially thank AWS and in particular Deepak Singh for support and encouragement. We also thank Jeff Gardner for valuable discussions and comments.  ... 
doi:10.1016/j.cpc.2012.04.010 fatcat:hkqg56ytpvbz5b7lyya5orslfm

The Design of a Community Science Cloud: The Open Science Data Cloud Perspective [article]

Robert L. Grossman, Matthew Greenway, Allison P. Heath, Ray Powell, Rafael D. Suarez, Walt Wells, Kevin White, Malcolm Atkinson, Iraklis Klampanos, Heidi L. Alvarez, Christine Harvey, Joe J. Mambretti
2016 arXiv   pre-print
Currently, the OSDC consists of more than 2000 cores and 2 PB of storage distributed across four data centers connected by 10G networks.  ...  The goal of the OSDC is to provide petabyte-scale data cloud infrastructure and related services for scientists working with large quantities of data.  ...  Acknowledgments This work was supported in part by grants from Gordon and Betty Moore Foundation, the National Science Foundation (Grant OISE -1129076 and CISE 1127316), and the National Institutes of  ... 
arXiv:1601.00323v1 fatcat:wq63cbcnljbcnbxeimubqimlwe

D1.3 - Initial design of the architecture

Daniele Lezzi
2021 Zenodo  
In the process Secure Boot checks every signature against a specific private key, which the developer of the booting software used to sign the code beforehand.  ...  This happens before anything else in the boot process is executed. If a check fails, the entire boot process is aborted.  ...  These keys are only transferred between these different databases, the TPM and the booted components. No data from the Secure Boot process is published outside the process or instance.  ... 
doi:10.5281/zenodo.6372657 fatcat:g7vubkfwvndnpd57uoxp7ybguu

The Design of a Community Science Cloud: The Open Science Data Cloud Perspective

Robert L. Grossman, Matthew Greenway, Allison P. Heath, Ray Powell, Rafael D. Suarez, Walt Wells, Kevin White, Malcolm Atkinson, Iraklis Klampanos, Heidi L. Alvarez, Christine Harvey, Joe J. Mambretti
2012 2012 SC Companion: High Performance Computing, Networking Storage and Analysis  
Currently, the OSDC consists of more than 2000 cores and 2 PB of storage distributed across four data centers connected by 10G networks.  ...  The goal of the OSDC is to provide petabyte-scale data cloud infrastructure and related services for scientists working with large quantities of data.  ...  IPMI is triggered to boot the servers, which then pull a start-up image and boot options from the PXE boot server.  ... 
doi:10.1109/sc.companion.2012.127 dblp:conf/sc/GrossmanGHPSWWAKAHM12 fatcat:hxlb5kykave43kq2aa3quqo6wm

ShEF: Shielded Enclaves for Cloud FPGAs [article]

Mark Zhao, Mingyu Gao, Christos Kozyrakis
2021 arXiv   pre-print
ShEF is independent from CPU-based TEEs and allows secure execution under a threat model where the adversary can control all software running on the CPU connected to the FPGA, has physical access to the  ...  ShEF provides a secure boot and remote attestation process that relies solely on existing FPGA mechanisms for root of trust.  ...  The ShEF boot process centers around a software security kernel that extends the FPGA's hardware root-of-trust.  ... 
arXiv:2103.03500v1 fatcat:w7f2cnp3bneirhxeyfiiivw7my

2020 Index IEEE Transactions on Computers Vol. 69

2020 IEEE transactions on computers  
Ramezanpour, K., +, TC Nov. 2020 1626-1638 Variable length codes Adaptive-Length Coding of Image Data for Low-Cost Approximate Storage.  ...  ., +, TC July 2020 929-930 Data privacy HEAWS: An Accelerator for Homomorphic Encryption on the Amazon AWS FPGA.  ... 
doi:10.1109/tc.2020.3042405 fatcat:htwgwc6gtbcfdkcpj6dcfbuwhq

Security Concerns in Cloud Computing

Gopal K. Shyam, Mir Abdul Samim Ansari
2018 International Journal of Trend in Scientific Research and Development  
Cloud computing is a revolutionary way of storing and accessing data with five essential characteristics, three service models, and four deployment models.  ...  In defiance of its potential characteristics, the organizations risk their sensitive data by storing it in the cloud.  ...  It requires a substantial six-digit, unmarried-utilize code from a confirmation gadget in your real ownership promote on your in vogue AWS account qualifications sooner than get to is allowed to an AWS  ... 
doi:10.31142/ijtsrd18306 fatcat:ojbdanrxpfg6zjnrm3n2la3ucy

Private delegated computations using strong isolation [article]

Mathias Brossard, Guilhem Bryant, Basma El Gaabouri, Xinxin Fan, Alexandre Ferreira, Edmund Grimley-Evans, Christopher Haster, Evan Johnson, Derek Miller, Fan Mo, Dominic P. Mulligan, Nick Spinale (+3 others)
2022 arXiv   pre-print
Isolates, with an attestation protocol, permit remote third-parties to establish a trusted "beachhead" containing known code and data on an otherwise untrusted machine.  ...  and data hosted within -- even in the face of a privileged attacker.  ...  In the training and inference case-study, the program receives input datasets from the respective data providers and a pre-learnt model from a model provider.  ... 
arXiv:2205.03322v1 fatcat:btpud7ctmnc4jfbxmovelnsfti
« Previous Showing results 1 — 15 out of 2,270 results