In public cloud computing applications, clients who dispatch workloads to a provider's cloud network for execution must trust the cloud provider to protect information about the workload and data computed from the workload in the provider's cloud infrastructure. Typically, that trust is based upon anonymity (e.g., the difficulty in identifying targets for attack in the vastness of the cloud infrastructure) and the overall security of the cloud infrastructure in which the workload is dispatched (e.g., the security provisions enforced in the cloud network, and the cloud infrastructure's general resistance to attacks by malicious parties). Cloud users may be reluctant to dispatch sensitive workloads since cloud users cannot be certain that workloads will not be compromised during execution, and further cannot isolate a particular workload being compromised from a general compromise of any element of a cloud infrastructure.
Typically, workloads are protected by “big fences”, e.g., security measures designed to keep bad actors out of the cloud network, preventing breaches of hosted workloads. Security measures may also include log analysis of the intersection of workload and host equipment maintained by the cloud provider. The client or user of the cloud must place trust in the cloud provider to identify breaches and communicate their affected domain. In instances where a client does not maintain detailed records of the workload dispatch, the cloud provider's information regarding a breach may not be sufficient to isolate exposure from a security breach, leading to a need to invalidate unnecessarily large blocks of computation (data and results) based upon imprecision in the tracking of what elements were affected by a breach.
In the event of an attack on the cloud infrastructure, cloud users may not be able to isolate information identifying whether their workloads are compromised or not. As a result, when an attack on a cloud occurs, cloud users may be forced to invalidate, discard, or take other security measures, even if the cloud user's workload was not impacted by the attack, e.g., if there is a general compromise of an element on the cloud network infrastructure in which the compromised element did not carry the user's workload.