CFP last date
20 January 2025
Reseach Article

Trusted Cloud Computing Platform into Infrastructure as a Service Layer to Improve Confidentiality and Integrity of VMs

by Divyesh Yoganand, Pooja Kose
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 131 - Number 7
Year of Publication: 2015
Authors: Divyesh Yoganand, Pooja Kose
10.5120/ijca2015907361

Divyesh Yoganand, Pooja Kose . Trusted Cloud Computing Platform into Infrastructure as a Service Layer to Improve Confidentiality and Integrity of VMs. International Journal of Computer Applications. 131, 7 ( December 2015), 14-18. DOI=10.5120/ijca2015907361

@article{ 10.5120/ijca2015907361,
author = { Divyesh Yoganand, Pooja Kose },
title = { Trusted Cloud Computing Platform into Infrastructure as a Service Layer to Improve Confidentiality and Integrity of VMs },
journal = { International Journal of Computer Applications },
issue_date = { December 2015 },
volume = { 131 },
number = { 7 },
month = { December },
year = { 2015 },
issn = { 0975-8887 },
pages = { 14-18 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume131/number7/23460-2015907361/ },
doi = { 10.5120/ijca2015907361 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:26:36.793008+05:30
%A Divyesh Yoganand
%A Pooja Kose
%T Trusted Cloud Computing Platform into Infrastructure as a Service Layer to Improve Confidentiality and Integrity of VMs
%J International Journal of Computer Applications
%@ 0975-8887
%V 131
%N 7
%P 14-18
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Out of the newly emerging and promising technologies is Cloud computing and Infrastructure-as-a-Service (IaaS) which can also be claimed as something the adoption of which is hampered by data security concerns. Simultaneously, Trusted Computing (TC) is also getting its burning interest as security mechanism for IaaS. This paper presents a protocol and addresses the issue of the lack of an implementable mechanism with a proportion that it will ensure the launch of a virtual machine (VM) instance on a trusted remote compute host. A trusted launch protocol for VM instances and images in public IaaS environments has been designed for Relying on Trusted Platform Module operations such as binding and sealing to provide integrity guarantees for clients that require a trusted VM launch. This paper also presents an evidence -of-concept implementation of the protocol that is solely based on Open Stack, an open-source IaaS platform. The proposed results would provide a strong stand for the use of TC mechanisms within IaaS platforms. It will also open the path for a bigger applicability of TC to IaaS security. This technology empowers the companies to take the costs down by outsourcing computations which are on-burning demand. Nevertheless, clients of cloud computing services at present do not have any means by which they can verify the confidentiality and integrity of their data and computation. This problem is addressed to propose the design of a trusted cloud computing platform (TCCP). To impart a closed box execution environment, TCCP empowers Infrastructure as a Service (IaaS) providers such as Open stack IaaS platform. It also ensures the confidential execution of guest virtual machines. Besides, it also lets the users confirm to the IaaS provider and determine if the service is secure before they launch their virtual machines.

References
  1. Nicolae Paladi1, Christian Gehrmann1, Mudassar Aslam1, and Fredric Morenius2. “Trusted Launch of Virtual Machine Instances in Public IaaS Environments” October 2011, AFCEA cyber communit.
  2. Nicolae Paladi1, Christian Gehrmann1, Mudassar Aslam1, and Fredric Morenius2. “Trusted Launch of Virtual Machine Image in Public IaaS Environments” October 2011, AFCEA cyber communit.
  3. Nuno Santos, Krishna P. Gummadi, Rodrigo Rodrigues: Towards Trusted Cloud Computing (MPI-SWS)
  4. Aryan Taherimonfared Securing IaaS services model of cloud computing against compromised components 2011.
  5. Somorovsky,J Heiderich,M., Jensen,M., Schwenk, J., Gruschka,N., LoIacono, L.: All Your Clouds Are Belong to us: Security Analysis of Cloud Management Interfaces.In: Proceedings of the 3rd ACM Workshopon Cloud ComputingSecurity.CCSW’11,NewYork, NY,USA,ACM(2011) 3–14
  6. Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds. In: Proceedings of the 16th ACM Conference onComputer and Communications Security. CCS ’09, New York, NY, USA, ACM (2009) 199–212
  7. S. Berger, R. C´aceres, K. A. Goldman, R. Perez, R. Sailer, and L. van Doorn. vTPM: virtualizing the trusted platform module. In Proc. of USENIX-SS’06, Berkeley, CA, USA, 2006.
  8. Survey: Cloud Computing ’No Hype’, But Fear of Security and Control Slowing Adoption.http://www.circleid.com/posts/20090226_cloud_computing_hype_security/.
  9. C. Clark, K. Fraser, S. Hand, J. G. Hansen, E. Jul, C. Limpach, I. Pratt, and A. Warfield. Live migration of virtual machines. In Proc. of NSDI’05, pages 273–286, Berkeley, CA, USA, 2005.USENIX Association.
  10. Santos,N.,Gummadi,K.P.,Rodrigues,R.:Towards Trusted Cloud Computing.In: Proceedingsofthe2009Conference onHot Topics in Cloud Computing.HotCloud’09,Berkeley,CA,USA,USENIX Association(2009)
  11. Aslam, M.,Gehrmann,C., Rasmusson,L., Bjorkman,M.:Securely LaunchingVirtual Machines on TrustworthyPlatforms inPublicCloud-An Enterprise’sPerspective. In Leymann,F., Ivanov, I., van Sinderen,M., Shan, Teds.: CLOSER,SciTePress(2012)51
  12. Aslam,M.,Gehrmann,C.,Bjorkman,M.:Security andTrust Preserving VM Migration sin Public Clouds. In:2012IEEE 11thInternationalConference on Trust, Securit and Privacy in Computingand Communications(TrustCom), TRUSTCOM,Liverpool (2012)
  13. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: A Virtual Machine-Based Platform for Trusted Computing. In Proc. of SOSP’03, 2003D. G. Murray, G. Milos, and S. Hand. Improving Xen security through disaggregation. In Proc. of VEE’08, pages 151–160, NewYork, NY, USA, 2008.
  14. D. Nurmi, R. Wolski, C. Grzegorczyk, G. Obertelli, S. Soman,L. Youseff, and D. Zagorodnov. Eucalyptus: A Technical Report on an Elastic Utility Computing Architecture Linking Your Programs to Useful Systems. Technical Report 2008-10, UCSBComputer Science, 2008.
  15. B. D. Payne, M. Carbone, and W. Lee. Secure and Flexible Monitoring of Virtual Machines. In Proc. of ACSAC’07, 2007.
  16. T. R. Peltier, J. Peltier, and J. Blackley. Information Security Fundamentals. Auerbach Publications, Boston, MA, USA, 2003.
  17. R. Sailer, T. Jaeger, E. Valdez, R. Caceres, R. Perez, S. Berger, J. L. Griffin, and L. v. Doorn. Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor. In Proc. Of ACSAC ’05, Washington, DC, USA, 2005
  18. Smith, J., Nair, R.: Virtual Machines: Versatile Platforms for Systems and Processes.Mor- ganKaufmann(June2005)
  19. Krutz,R.L., Vines, R.D.: Cloud Security:A Comprehensive Guide to Secure Cloud Com- puting.John Wiley &Sons(August2010)
Index Terms

Computer Science
Information Sciences

Keywords

IaaS security trusted computing trusted virtual machine launch OpenStack Cloud Computing Scalability Infrastructure confidentiality integrity trusted cloud computing platform.