Secure Context Switch for Private Computing on Public Platforms

Private computing on public platforms (PCPP) is a new technology designed to enable secure and private execution of applications on remote, potentially hostile, public platforms. PCPP uses a host assessment to validate a host´s hardware and software configuration and then uses four active security building blocks which together allow an application to remain unaltered, unmonitored, and unrecorded before, during, and after execution on the public platform. In this paper we develop a key PCPP building block, secure context switch (SCS), which isolates an executing application´s context, i.e. its executable code, data segments, heap, and stack, using encryption techniques. Additionally, we detail our implementation of SCS and offer experimental results showing the performance impact of protecting an application with SCS.