Nomad: A Framework for Developing Mission-Critical Cloud-Based Applications

Abstract

The practicality of existing techniques for processing encrypted data stored in untrusted cloud environments is a limiting factor in the adoption of cloud-based applications. Both public and private sector organizations are reluctant to push their data to the cloud due to strong requirements for security and privacy of their data. In particular, mission-critical defense applications used by governments do not tolerate any leakage of sensitive data. In this paper, we propose Nomad, a framework for developing mission-critical cloud-based applications. The framework is comprised of: 1) a homomorphism encryption-based service for processing encrypted data directly within the untrusted cloud infrastructure, and 2) a client service for encrypting and decrypting data within the trusted environment, and storing and retrieving these data to and from the cloud. Both services are equipped with GPU-based parallelization to accelerate the expensive homomorphic encryption operations. To evaluate the Nomad framework, we developed Call For Fire, amission-critical application which enables defense personnel to call for fire on targets. Due to the nature of the mission, this application requires guaranteed security. The experimental results highlight the performance enhancements of the GPU-based acceleration mechanism and the feasibility of the Nomad framework.