Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
5.5
2.5
Journals
Applied Sciences
Special Issues
Secure Cloud Computing Infrastructures
applsci-logo
Submit to Applied Sciences Review for Applied Sciences Propose a Special Issue

Journal Menu

Journal Menu

Journal Browser

Journal Browser
share announcement

Secure Cloud Computing Infrastructures

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: closed (20 January 2026) | Viewed by 5450

Special Issue Editor

Prof. Dr. Andrey Brito

E-Mail Website
Guest Editor
Department of Computers and Systems, Federal University of Campina Grande, Campina Grande 58190-970, Brazil
Interests: cloud computing; cybersecurity; confidential computing

Special Issue Information

Dear Colleagues,

As concerns regarding cybersecurity increase, so does the need to collect evidence of security and privacy guarantees. This demand has fostered research on various approaches and technologies for implementing trustworthy infrastructure. Nevertheless, in cloud computing environments, where a provider manages a complex stack of software that reduces costs and eases operation for its tenants, this is a significant challenge. Vulnerabilities in the underlying infrastructure can compromise even carefully implemented applications. This Special Issue aims to share results and novel ideas on designing, evaluating, and applying techniques that enable secure cloud computing infrastructures.

An example of a related topic is the advent of trusted execution environments (TEEs). TEEs enable confidential computing and can potentially take security in cloud computing to the next level, isolating the user workloads from a compromised host. Still, there are many challenges in hardware and software for confidential computing. For example, deploying an application in a confidential VM does not comply with the confidential computing threat model (e.g., the application may naively use storage services controlled by the cloud provider). Therefore, the challenges in secure cloud infrastructure extend to other areas of secure infrastructure, including limitations, usability, new threats, performance and cost impacts, interoperability, supply chain security, and so on.

This Special Issue welcomes original research papers in the following intersecting fields:

  • Cloud, edge, and fog computing;
  • Parallel and distributed computing;
  • Hardware architectures;
  • Privacy-preserving artificial intelligence and machine learning;
  • Verification and validation.

Prof. Dr. Andrey Brito
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 250 words) can be sent to the Editorial Office for assessment.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • trusted platforms and trustworthy infrastructures
  • confidential computing and its limitations
  • trusted execution environments
  • attestation and interoperability
  • formal verification
  • validation and performance evaluation of trusted hardware
  • supply chain security
  • threat analysis
  • abstractions and runtimes

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • Reprint: MDPI Books provides the opportunity to republish successful Special Issues in book format, both online and in print.

Further information on MDPI's Special Issue policies can be found here.

Published Papers (2 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

23 pages, 1262 KB  
Article
Confidential Kubernetes Deployment Models: Architecture, Security, and Performance Trade-Offs
by Eduardo Falcão, Fernando Silva, Carlos Pamplona, Anderson Melo, A S M Asadujjaman and Andrey Brito
Appl. Sci. 2025, 15(18), 10160; https://doi.org/10.3390/app151810160 - 17 Sep 2025
Cited by 1 | Viewed by 3065
Abstract
Cloud computing brings numerous advantages that can be leveraged through containerized workloads to deliver agile, dependable, and cost-effective microservices. However, the security of such cloud-based services depends on the assumption of trusting potentially vulnerable components, such as code installed on the host. The [...] Read more.
Cloud computing brings numerous advantages that can be leveraged through containerized workloads to deliver agile, dependable, and cost-effective microservices. However, the security of such cloud-based services depends on the assumption of trusting potentially vulnerable components, such as code installed on the host. The addition of confidential computing technology to the cloud computing landscape brings the possibility of stronger security guarantees by removing such assumptions. Nevertheless, the merger of containerization and confidential computing technologies creates a complex ecosystem. In this work, we show how Kubernetes workloads can be secured despite these challenges. In addition, we design, analyze, and evaluate five different Kubernetes deployment models using the infrastructure of three of the most popular cloud providers with CPUs from two major vendors. Our evaluation shows that performance can vary significantly across the possible deployment models while remaining similar across CPU vendors and cloud providers. Our security analysis highlights the trade-offs between different workload isolation levels, trusted computing base size, and measurement reproducibility. Through a comprehensive performance, security, and financial analysis, we identify the deployment models best suited to different scenarios. Full article
(This article belongs to the Special Issue Secure Cloud Computing Infrastructures)
Show Figures

Figure 1

32 pages, 1473 KB  
Article
Strengthening Trust in Virtual Trusted Platform Modules: Integrity-Based Anchoring Mechanism for Hyperconverged Environments
by Marcela Santos and Reinaldo Gomes
Appl. Sci. 2025, 15(10), 5698; https://doi.org/10.3390/app15105698 - 20 May 2025
Viewed by 1646
Abstract
Virtual Trusted Platform Modules (vTPMs) are widely adopted in commercial cloud platforms such as VMware Cloud, Google Cloud, Microsoft Azure, and Amazon AWS. However, as software-based components, vTPMs do not provide the same security guarantees as hardware TPMs. The existing solutions attempt to [...] Read more.
Virtual Trusted Platform Modules (vTPMs) are widely adopted in commercial cloud platforms such as VMware Cloud, Google Cloud, Microsoft Azure, and Amazon AWS. However, as software-based components, vTPMs do not provide the same security guarantees as hardware TPMs. The existing solutions attempt to mitigate this limitation by anchoring vTPMs to physical TPMs, but such approaches often face challenges in heterogeneous environments and in failure recovery or migration scenarios. Meanwhile, the evolution of data center architectures toward hyperconverged infrastructures introduces new opportunities for security mechanisms by integrating compute, storage, and networking into a single solution. This work proposes a novel mechanism to securely anchor vTPMs in hyperconverged environments. The proposed approach introduces a unified software layer capable of aggregating and managing the physical TPMs available in the data center, establishing a root of trust for vTPM anchoring. It supports scenarios where hardware TPMs are not uniformly available and enables anchoring replication for critical systems. The solution was implemented and evaluated in terms of its performance impact. The results show low computational overhead, albeit with an increase in anchoring time due to the remote anchoring process. Full article
(This article belongs to the Special Issue Secure Cloud Computing Infrastructures)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-2
Back to TopTop