Abstract
While trusted computing is a well-known technology, its role has been relatively limited in scope and typically confined to single machines. The advent of cloud computing, its role as critical infrastructure, and the requirement for trust between the users of computing resources combine to form a perfect environment for trusted and high-integrity computing. Indeed, trusted computing is an enabling technology across nearly all ‘cyber’ areas: secure supply chain management, privacy and critical data protection, data sovereignty, cyber defense, legal, etc. To achieve this, we must fundamentally redefine what we mean by trusted and high-integrity computing. We are required to go beyond boot-time trust and rethink notions of run-time trust, partial trust, how systems are constructed, the trust between management and operations, compute and storage infrastructure, and the dynamic provisioning of services by external parties. While attestation technologies, so-called run-time trust and virtualized TPM are being brought to the fore, adopting these does not solve any of the fundamental problems of trust in the cloud.
Acknowledgments
This work was made under the DIMECC Cyber Trust Program (Finland).
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Oliver, I. et al. (2017). Experiences in Trusted Cloud Computing. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds) Network and System Security. NSS 2017. Lecture Notes in Computer Science, vol 10394. Springer, Cham. https://doi.org/10.1007/978-3-319-64701-2_2
DOI: https://doi.org/10.1007/978-3-319-64701-2_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-64700-5
Online ISBN: 978-3-319-64701-2
eBook Packages: Computer Science, Computer Science (R0)