Increasingly often GPU resources are offered as-a-service by cloud providers. Amazon itself, with its HPC cloud, features a fully functional GPU cloud computing environment based on NVIDIA CUDA (possibly including GPUDirect and VGX hypervisor). The architecture of GPU-as-a-service offerings is much more complex than locally leveraging a GPU or even multiple GPUs on a single host. In fact, on the one hand, the abstraction layer of having one large GPU instead of multiple distributed small ones is still in its infancy, and poses a number of issues. On the other hand, the potential benefits due to cost savings and unprecedented computing power are so overwhelming that such approach calls for investigation. As such, we are interested in investigating advanced GPU cloud environments where real-world workloads of different users coexist and potentially share the same computing resource. The hypothesis that we want to prove is the possibility to securely use GPU resources in cloud environments to guarantee security properties to offered services. In particular, guest VMs and transmission channels' integrity and privacy has to be guaranteed. At the same time, some form of monitoring by the cloud provider over the kind of usage the customer does of the services has to be ensured. Therefore, the cloud provider should be able to analyze service/VM usage/monitoring data in real time while, at the same time, respecting the privacy regulations over the analyzed data.

• Roberto Di Pietro (P.I.)
• Flavio Lombardi (Postdoc)
• Antonio Villani (Ph.D. student)

• A. I. Avetisyan, R. Campbell, I. Gupta, M. T. Heath, and al. Open Cirrus: A Global Cloud Computing Testbed. Computer, April 2010.
• F. Lombardi and R. Di Pietro. Kvmsec: A Security Extension for Linux Kernel Virtual Machines. In SAC 09: Proceedings of the 2009 ACM symposium on Applied Computing
• F. Lombardi and R. Di Pietro. Cudacs: Securing the Cloud with CUDA-enabled Secure Virtualization. In Information and Communications Security, volume LNCS 6476, Springer Berlin Heidelberg, 2010.
• F. Lombardi and R. Di Pietro. Secure Virtualization for Cloud Computing. Journal of Network and Computer Applications, 2010.
• F. Lombardi and R. Di Pietro. A Security Management Architecture for the Protection of Kernel Virtual Machines. In IEEE TSP 10.