
TPM-Performance Sensible Key Management Protocols for Service Provisioning in Cloud Computing

  • Conference paper
Security Protocols XVI (Security Protocols 2008)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6615)

Abstract

A Trusted Platform Module (TPM) is a small and hence low-performance hardware chip whose main function, at least for the service provisioning topic of this paper, is to play a trusted third party’s role inside a service provisioning computing platform so that the platform will have what we call a behaviour conformity property. The property of behaviour conformity is most needed in service-oriented applications, such as utility computing, grid computing and the new notion of cloud computing, where a resource-scarce user (guest) submits jobs to be computed at computational resource providers (hosts). It is inevitable that prior to a session of service provisioning, security protocols will run between the guest, the host, and the TPM. For service provisioning to scale despite the TPM’s low performance, such a protocol needs to be carefully designed so as not to place the TPM in a bottleneck position. We propose a protocol mechanism that remodels the original TPM, which is the trusted computing base (TCB), into two sub-components: a high-performance software TCB, which is a measured virtual machine monitor to which most of the functions of the TPM are delegated, and the original low-performance TPM TCB, which retains the software measurement function inside itself for infrequent use. Our result has independent value for wide deployment of TCG technologies.

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chen, H., Li, J., Mao, W. (2011). TPM-Performance Sensible Key Management Protocols for Service Provisioning in Cloud Computing. In: Christianson, B., Malcolm, J.A., Matyas, V., Roe, M. (eds) Security Protocols XVI. Security Protocols 2008. Lecture Notes in Computer Science, vol 6615. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22137-8_15

  • DOI: https://doi.org/10.1007/978-3-642-22137-8_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22136-1

  • Online ISBN: 978-3-642-22137-8

  • eBook Packages: Computer Science, Computer Science (R0)
