Brussels / 4 & 5 February 2023


Building a secure network of trusted applications on untrusted hosts

Deploying to "the cloud" is incredibly convenient, but that convenience normally comes at a cost. The host necessarily becomes a major part of the applications trust domain, and a compromised host means a compromised application or a network of thereof. This prevents several highly-regulated sectors, such as medical or financial, from directly deploying to "the cloud" as opposed to building their own infrastructure. Solutions to this problem exist, but most require a custom and correct implementation tied to a particular hardware vendor and SDK. I will present a hardware-agnostic and cloud provider-agnostic solution to this issue, which, with minimal changes to the implementation, can be used to secure a network of applications and demonstrate strong trust assertions produced by doing so.


Photo of Roman Volosatovs Roman Volosatovs