LIGHTWEIGHT DISTRIBUTED ATTESTATION FOR THE CLOUD

Martin Pirker, Johannes Winter, Ronald Toegl

Abstract

Moving local services into a network of Cloud nodes raises security concerns, as this affects control over data and code execution. We leverage the Trusted Platform Module and Trusted Execution Technology of modern platforms to detect malicious Cloud nodes running untrusted software configurations. To achieve this, we propose a node-to-Cloud join protocol that enforces remote attestation.



Paper Citation


in Harvard Style

Pirker M., Winter J. and Toegl R. (2012). LIGHTWEIGHT DISTRIBUTED ATTESTATION FOR THE CLOUD. In Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-8565-05-1, pages 580-585. DOI: 10.5220/0003929105800585


in Bibtex Style

@conference{closer12,
author={Martin Pirker and Johannes Winter and Ronald Toegl},
title={LIGHTWEIGHT DISTRIBUTED ATTESTATION FOR THE CLOUD},
booktitle={Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER},
year={2012},
pages={580-585},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003929105800585},
isbn={978-989-8565-05-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER
TI - LIGHTWEIGHT DISTRIBUTED ATTESTATION FOR THE CLOUD
SN - 978-989-8565-05-1
AU - Pirker M.
AU - Winter J.
AU - Toegl R.
PY - 2012
SP - 580
EP - 585
DO - 10.5220/0003929105800585