Towards secure dynamic product lines in the cloud

Cloud-based technologies play an increasing role in software engineering because of their scalability, availability, and cost efficiency. However, due to privacy issues, developers and organizations still hesitate to host applications that handle sensitive data on servers of external cloud providers. Modern hardware extensions, such as Intel's Software Guard Extensions (SGX), are an attempt to provide confidentiality and integrity for applications running on external hardware. Still, enabling SGX in cloud systems poses new challenges considering scalability and flexibility. In this paper, we propose an approach to address these issues by employing concepts from the domain of Dynamic Software Product Lines (DSPLs). We aim to enable applications running on SGX-based cloud systems to be securely reconfigurable and extendable during runtime. In particular, we describe properties that such an approach should fulfill and discuss corresponding challenges.