research-article

OAuth 2.0-based authentication solution for FPGA-enabled cloud computing

Authors:

Renaud SantoroAuthors Info & Claims

UCC '21: Proceedings of the 14th IEEE/ACM International Conference on Utility and Cloud Computing Companion

Article No.: 13, Pages 1 - 6

https://doi.org/10.1145/3492323.3495635

Published: 07 February 2022 Publication History

Get Access

Abstract

FPGA-enabled cloud computing is getting more and more common as cloud providers offer hardware accelerated solutions. In this context, clients need confidential remote computing. However Intellectual Properties and data are being used and communicated. So current security models require the client to trust the cloud provider blindly by disclosing sensitive information. In addition, the lack of strong authentication and access control mechanisms, for both the client and the provided FPGA in current solutions, is a major security drawback. To enhance security measures and privacy between the client, the cloud provider and the FPGA, an additional entity needs to be introduced: the trusted authority. Its role is to authenticate the client-FPGA pair and isolate them from the cloud provider. With our novel OAuth 2.0-based access delegation solution for FPGA-accelerated clouds, a remote confidential FPGA environment with a token-based access can be created for the client. Our solution allows to manage and securely allocate heterogeneous resource pools with enhanced privacy & confidentiality for the client. Our formal analysis shows that our protocol adds a very small latency which is suitable for real-time application.

References

[1]

F. Turan, S. S. Roy and I. Verbauwhede, "HEAWS: An Accelerator for Homomorphic Encryption on the Amazon AWS FPGA," in IEEE Transactions on Computers, vol. 69, no. 8, pp. 1185--1196, 1 Aug. 2020

Google Scholar

[2]

Hardt, D., Ed., "The OAuth 2.0 Authorization Framework", RFC 6749

Google Scholar

[3]

J. Vliegen, M. M. Rabbani, M. Conti and N. Mentens, "SACHa: Self-Attestation of Configurable Hardware," 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE), 2019, pp. 746--751

Google Scholar

[4]

Fei Chen, Yi Shan, Yu Zhang, Yu Wang, Hubertus Franke, Xiaotao Chang, and Kun Wang. 2014. Enabling FPGAs in the cloud. In Proceedings of the Computing Frontiers Conference (CF'14)

Digital Library

Google Scholar

[5]

Mikhail Asiatici, Nithin George, Kizheppatt Vipin, Suhaib A. Fahmy, and Paolo Ienne. 2017. Virtualized execution runtime for FPGA accelerators in the cloud. IEEE Access 5 (2017), 1900--1910

Crossref

Google Scholar

[6]

H. Englund and N. Lindskog, "Secure acceleration on cloud-based FPGAs - FPGA enclaves," 2020 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), New Orleans, LA, USA, 2020, pp. 119--122

Google Scholar

[7]

M. E. S. Elrabaa, M. Al-Asli and M. Abu-Amara, "Secure Computing Enclaves Using FPGAs" in IEEE Transactions on Dependable and Secure Computing, vol. 18, no. 2, pp. 593--604, 1 March-April 2021

Digital Library

Google Scholar

[8]

Oliver Knodel, Paul R. Genssler, Fredo Erxleben, and Rainer G. Spallek. 2018. FPGAs and the cloud-An endless tale of virtualization, elasticity and efficiency. Int. J. Adv. Syst. Meas. 11, 3 (2018).

Google Scholar

[9]

Ken Eguro and Ramarathnam Venkatesan. 2012. FPGAs for trusted cloud computing. In Proceedings of the 22nd International Conference on Field Programmable Logic and Applications (FPL'12). 63--70

Crossref

Google Scholar

[10]

B. Hong, H. Kim, M. Kim, T. Suh, L. Xu and W. Shi, "FASTEN: An FPGA-Based Secure System for Big Data Processing," in IEEE Design & Test, vol. 35 Feb. 2018

Google Scholar

[11]

Rescorla "The Transport Layer Security Protocol Version 1.3", RFC 8446, 2018

Google Scholar

[12]

A. M. Bellemou, A. García, E. Castillo, N. Benblidia, M. Anane, J. A. Álvarez-Bermejo, and L. Parrilla, "Efficient Implementation on Low-Cost SoC-FPGAs of TLSv1.2 Protocol with ECC AES Support for Secure IoT Coordinators," Electronics, vol. 8, no. 11, p. 1238, Oct. 2019

Crossref

Google Scholar

[13]

Hamilton, M.; Marnane, W.P. Implementation of a secure TLS coprocessor on an FPGA. Microprocess. Microsyst. 2016, 40, 167--180.

Digital Library

Google Scholar

[14]

Wang, H.; Bai, G.; Chen, H. A Gbps IPSec SSL Security Processor Design and Implementation in an FPGA Prototyping Platform. J. Signal Process Syst. 2010

Google Scholar

Cited By

View all

Sukeerthi KKesavan RKalaiselvan S(2023)A Detailed Study on Security and Privacy Analysis and Mechanisms in Cloud Computing2023 International Conference on Research Methodologies in Knowledge Management, Artificial Intelligence and Telecommunication Engineering (RMKMATE)10.1109/RMKMATE59243.2023.10368808(1-7)Online publication date: 1-Nov-2023
https://doi.org/10.1109/RMKMATE59243.2023.10368808
Xia KWei S(2023)DF-TEE: Trusted Execution Environment for Disaggregated Multi-FPGA Cloud Systems2023 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)10.1109/AsianHOST59942.2023.10409376(1-6)Online publication date: 13-Dec-2023
https://doi.org/10.1109/AsianHOST59942.2023.10409376
Ince SEspes DLallet JGogniat GSantoro R(2023)Authentication and Confidentiality in FPGA-Based CloudsSecurity of FPGA-Accelerated Cloud Computing Environments10.1007/978-3-031-45395-3_1(1-27)Online publication date: 18-Sep-2023
https://doi.org/10.1007/978-3-031-45395-3_1
Show More Cited By

Index Terms

OAuth 2.0-based authentication solution for FPGA-enabled cloud computing

Recommendations

Authentication in mobile cloud computing

Mobile cloud computing (MCC) is the state-of-the-art mobile distributed computing model that incorporates multitude of heterogeneous cloud-based resources to augment computational capabilities of the plethora of resource-constraint mobile devices. In MCC,...
Security Paradigms for Cloud Computing
CICSYN '12: Proceedings of the 2012 Fourth International Conference on Computational Intelligence, Communication Systems and Networks

Cloud Computing--some treat it as a catchphrase, others as the next step in evolution of their organization and the Internet. However, what is for sure is that, it is a way of leveraging less expensive services based environment providing cost-effective ...
Two Factor Authentication using M-pin Server for Secure Cloud Computing Environment

Cloud computing is comprised of major demand from the every group of organization because of easy availability and cost effectiveness. The responsibilities of cloud service providers will become increasing more due to the great progression in every ...

Comments

Information & Contributors

Information

Published In

UCC '21: Proceedings of the 14th IEEE/ACM International Conference on Utility and Cloud Computing Companion

December 2021

256 pages

ISBN:9781450391634

DOI:10.1145/3492323

Conference Chairs:
Luiz F. Bittencourt
University of Campinas, Brazil
,
Alan Sill
Texas Tech University

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

In-Cooperation

IEEE TCSC: IEEE Technical Committee on Scalable Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 February 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

UCC '21

Sponsor:

SIGARCH

UCC '21: 2021 IEEE/ACM 14th International Conference on Utility and Cloud Computing

December 6 - 9, 2021

Leicester, United Kingdom

Acceptance Rates

Overall Acceptance Rate 38 of 125 submissions, 30%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
138
Total Downloads

Downloads (Last 12 months)40
Downloads (Last 6 weeks)4

Reflects downloads up to 27 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Sukeerthi KKesavan RKalaiselvan S(2023)A Detailed Study on Security and Privacy Analysis and Mechanisms in Cloud Computing2023 International Conference on Research Methodologies in Knowledge Management, Artificial Intelligence and Telecommunication Engineering (RMKMATE)10.1109/RMKMATE59243.2023.10368808(1-7)Online publication date: 1-Nov-2023
https://doi.org/10.1109/RMKMATE59243.2023.10368808
Xia KWei S(2023)DF-TEE: Trusted Execution Environment for Disaggregated Multi-FPGA Cloud Systems2023 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)10.1109/AsianHOST59942.2023.10409376(1-6)Online publication date: 13-Dec-2023
https://doi.org/10.1109/AsianHOST59942.2023.10409376
Ince SEspes DLallet JGogniat GSantoro R(2023)Authentication and Confidentiality in FPGA-Based CloudsSecurity of FPGA-Accelerated Cloud Computing Environments10.1007/978-3-031-45395-3_1(1-27)Online publication date: 18-Sep-2023
https://doi.org/10.1007/978-3-031-45395-3_1
Ince SEspes DGogniat GSantoro RLallet J(2022)Token-based authentication and access delegation for HW-accelerated telco cloud solution2022 IEEE 11th International Conference on Cloud Networking (CloudNet)10.1109/CloudNet55617.2022.9978865(109-117)Online publication date: 7-Nov-2022
https://doi.org/10.1109/CloudNet55617.2022.9978865

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Authentication in mobile cloud computing

Security Paradigms for Cloud Computing

Two Factor Authentication using M-pin Server for Secure Cloud Computing Environment