Abhrajit Ghosh, Angelo Sapello, A. Poylisher, C. Chiang, A. Kubota, T. Matsunaka
{"title":"On the Feasibility of Deploying Software Attestation in Cloud Environments","authors":"Abhrajit Ghosh, Angelo Sapello, A. Poylisher, C. Chiang, A. Kubota, T. Matsunaka","doi":"10.1109/CLOUD.2014.27","DOIUrl":null,"url":null,"abstract":"We present XSWAT (Xen SoftWare ATtestation), a system that makes use of timing based software attestation to verify the integrity of cloud computing platforms. We believe that ours is the first instance of a system that uses this attestation technique in a cloud environment and results obtained indicate the feasibility of its deployment. An overview of the XSWAT system and the associated threat model, along with a study of cloud environment impacts on performance, is presented. Environmental parameters include types of interconnects between the XSWAT verifier and measurement agent as well as the number of concurrently executing virtual machines on the platform being verified. Conversely, we also study the impact of XSWAT execution using well known system benchmarks and find this to be insignificant, thereby strengthening the case for XSWAT. We also discuss novel XSWAT mechanisms for addressing TOCTOU attacks.","PeriodicalId":288542,"journal":{"name":"2014 IEEE 7th International Conference on Cloud Computing","volume":"61 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE 7th International Conference on Cloud Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CLOUD.2014.27","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 7
Abstract
We present XSWAT (Xen SoftWare ATtestation), a system that makes use of timing based software attestation to verify the integrity of cloud computing platforms. We believe that ours is the first instance of a system that uses this attestation technique in a cloud environment and results obtained indicate the feasibility of its deployment. An overview of the XSWAT system and the associated threat model, along with a study of cloud environment impacts on performance, is presented. Environmental parameters include types of interconnects between the XSWAT verifier and measurement agent as well as the number of concurrently executing virtual machines on the platform being verified. Conversely, we also study the impact of XSWAT execution using well known system benchmarks and find this to be insignificant, thereby strengthening the case for XSWAT. We also discuss novel XSWAT mechanisms for addressing TOCTOU attacks.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
