Dynamic trustworthiness verification mechanism for trusted cloud execution environment

Cited by: 0
Authors
Liu, Chuan-Yi [1, 3]
Lin, Jie [2, 3]
Tang, Bo [4]
Affiliations
[1] Software School, Beijing University of Posts and Telecommunications
[2] School of Computer Science and Technology, Beijing University of Posts and Telecommunications
[3] Key Laboratory of Trustworthy Distributed Computing and Service (BUPT), Ministry of Education
[4] Department of IT Construction, Postal Savings Bank of China
Source
Ruan Jian Xue Bao/Journal of Software | 2014 / Vol. 25 / No. 03
Keywords
Cloud computing; Trusted computing; Trusted platform module; Trustworthiness verification;
DOI
10.13328/j.cnki.jos.004447
Abstract
Providing a provable and verifiable execution environment for the tenants is a very important problem in the cloud computing mode. This paper proposes a dynamic trustworthiness verification mechanism for the tenants' virtual execution environment, named TCEE (trusted cloud execution environment), which extends the current trusted chain into virtual machine's architecture stack. It cyclically verifies the trustworthiness of the memory and file systems within the virtual execution environments. TCEE introduces a TTP (trusted third party) to perform the verification and audit action against tenants' virtual machines to avoid heavy involvement of end tenants and unnecessary information leakage of the cloud providers. A proof-of-concept prototype is implemented according to TCEE to evaluate the effectiveness and the performance overhead incurred. Experimental results show that TCEE is effective and its performance overhead is minor. © Copyright 2014, Institute of Software, the Chinese Academy of Science. All rights reserved.
Pages: 662 / 674
Page count: 12