A Proposal for Resource Isolation in Multi-Tenant Storage Systems

Summary
This deliverable consists of the design and implementation of multi-tenant isolation techniques for cloud systems that can be used in combination with existing application-level methods and leverage (i) OS-and system-based isolation primitives, to enable a second set of security controls, and/or (ii) existing dedicated security hardware (e.g., Trusted Platform Modules, Hardware Security Modules) and existing or new Trusted Execution Environments (TEEs) that are built upon the latter