| Cloud computing has transformed the IT industry. Clients can acquire computing resources on demand from the cloud, and can drastically reduce their maintenance, management and startup cost. Many new companies rely exclusively on the cloud and according to Gartner's study [23], by 2015, 90% of government agencies and large companies will be using the cloud. However, many challenges remain in ensuring wide adoption of the cloud. In this work, we have focused on two such challenges.;The first challenge is that of security and privacy. When clients choose to use public cloud infrastructure, the confidentiality and integrity of their code and data can be compromised by insider attacks (e.g., malicious system administrators). The second challenge is that of inadequate flexibility provided to the clients. Clients must typically rely on the cloud provider to deploy useful services, such as security services (NIDS or Rootkit and Malware detectors) or deduplication services e.g.,memory or storage deduplication.;In virtualized cloud infrastructures, a Virtual Machine Monitor (VMM) governs the execution of client virtual machines (VMs). Both the challenges discussed above arise from the way VMMs assign privilege to client VMs. In this work, we have designed and implemented Self-service Cloud Computing (SSC), a new cloud computing model that introduces novel abstractions to improve the security and privacy of client code and data, and gives clients more flexible control over their VMs.;In SSC, the privilege model of a commodity VMM is modified and a new cloud management platform is designed and implemented, which uses the modified VMM to solve the security and flexibility problem without affecting the benefits of cloud computing like low maintenance and management cost. SSC incorporates protocols based on Trusted Platform Module (TPM) to establish client's trust on the SSC enabled infrastructure. To demonstrate the utility of SSC, we have implemented and evaluated multiple security, storage and networking services. |
