AbstractSelf-service Cloud Computing (SSC)  is a recentlyproposed model that empowers clients of public cloud platforms in two ways. First, it improves the security and privacy of client data by preventing cloud operators from snooping on or modifying client VMs. Second, it provides clients the flexibility to deploy services, such as VM introspection-based tools, on their own VMs. SSC achieves these goals by modifying the hypervisor privilege model. This paper focuses on the unique challenges involved in building a control plane for an SSC-based cloud platform. The control plane is the layer that facilitates interaction between hosts in the cloud infrastructure as well as between the client and the cloud. We describe a number of novel features in SSC’s control plane, such as its ability to allow specification of VM dependencies, flexible deployment of network middleboxes, and new VM migration protocols. We report on our design and implementation of SSC’s control plane, and present experimental evaluation of services implemented atop the control plane.
RightsThis Item is protected by copyright and/or related rights.You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use.For other uses you need to obtain permission from the rights-holder(s).