OAuth 2.0-based authentication solution for FPGA-enabled cloud computing

Abstract

FPGA-enabled cloud computing is getting more and more common as cloud providers offer hardware accelerated solutions. In this context, clients need confidential remote computing. However Intellectual Properties and data are being used and communicated. So current security models require the client to trust the cloud provider blindly by disclosing sensitive information. In addition, the lack of strong authentication and access control mechanisms, for both the client and the provided FPGA in current solutions, is a major security drawback. To enhance security measures and privacy between the client, the cloud provider and the FPGA, an additional entity needs to be introduced: the trusted authority. Its role is to authenticate the client-FPGA pair and isolate them from the cloud provider. With our novel OAuth 2.0-based access delegation solution for FPGA-accelerated clouds, a remote confidential FPGA environment with a token-based access can be created for the client. Our solution allows to manage and securely allocate heterogeneous resource pools with enhanced privacy & confidentiality for the client. Our formal analysis shows that our protocol adds a very small latency which is suitable for real-time application.