PDL Abstract

Privacy-Sensitive VM Retrospection

HotCloud 2011 3rd USENIX Workshop on Hot Topics in Cloud Computing. Portland, OR, June 14-17, 2011.

Wolfgang Richter, Glenn Ammons‡, Jan Harkes, Adam Goode*, Nilton Bila**, Eyal De Lara**,
Vas Bala‡, Mahadev Satyanarayanan

School of Computer Science
Carnegie Mellon University
Pittsburgh, PA 15213

‡IBM Research,
**University of Toronto


The success of cloud computing leads to large, centralized collections of virtual machine (VM) images. The ability to retrospect (examine the historical state of) these images at a high semantic level can be valuable in many aspects of IT management such as debugging and troubleshooting, software quality control, legal establishment of data or code provenance, and cyber forensics such as malware tracking and licensing violations. In this paper, we explore the privacy implications of VM retrospection. We argue that retrospection will worsen current concerns about privacy in cloud computing. We develop privacy-sensitive requirements for the design of a retrospection mechanism, and then show how they can be met in a functional prototype.