SILVA, F. F. O.; http://lattes.cnpq.br/9493575210094266; SILVA, Fábio Fernando de Oliveira.
Abstract:
Enterprise adoption of cloud computing is growing all the time. Among the main reasons for this movement to the cloud are its scalability and low cost. With this growing adoption of services from cloud computing providers, the risks of data breaches also increase, as potentially sensitive user information such as payment information, medical data, and financial transactions travels through and is processed on third-party computing infrastructures. To support secure remote software execution on a third-party managed computing system, we exploit trusted execution environments (TEEs), a solution supported by the literature. In addition to TEEs, another key technology in this work is the use of publish/subscribe-based message buses. This communication paradigm is well suited to the nature of large-scale distributed applications. It facilitates the implementation of properties such as scalability and low coupling and is widely applied where there is large-scale data dissemination and continuous processing, such as financial systems, resource monitoring systems, and IoT applications, among others. Considering the scenario in which publish/subscribe applications are moving to the cloud, components must be modified to ensure the integrity and confidentiality of information in this new third-party-managed environment. However, depending on the number of components and complexity of the application in question, the necessary modifications can have a high development cost. In this work, we propose a strategy to provide guarantees of integrity and confidentiality for publish/subscribe applications, without requiring changes to their implementations.