Abstract
The hosting service model of cloud computing raises the issue of the trustworthiness of cloud providers, which is a serious obstacle to wider adoption of cloud-based services. Based on open source components of the TCG (Trusted Computing Group) and IBM’s IMA (Integrity Measurement Architecture), this paper designed and implemented a remote attestation architecture and protocol to verify the trustworthiness of users’ virtual machines in an IaaS cloud. Meanwhile, acting as the verification agent, a Trusted Third Party minimized the disclosure of cloud configuration information and ensured the privacy of the cloud. The experiments demonstrated that this architecture brought little extra cost while providing a trustworthiness guarantee.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, C., Wu, X., Liu, C., Xie, X. (2013). An Implementation of Trusted Remote Attestation Oriented the IaaS Cloud. In: Yuan, Y., Wu, X., Lu, Y. (eds) Trustworthy Computing and Services. ISCTCS 2012. Communications in Computer and Information Science, vol 320. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35795-4_25
DOI: https://doi.org/10.1007/978-3-642-35795-4_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35794-7
Online ISBN: 978-3-642-35795-4
eBook Packages: Computer Science, Computer Science (R0)