{"title":"基于TPM的SaaS服务信任增强设计","authors":"Mustapha Hedabou, Ali Azougaghe, A. Bentajer","doi":"10.5121/csit.2020.100520","DOIUrl":null,"url":null,"abstract":"On the past decade, Trusted Platform Modules (TPM) have become a valuable tool for providing a high level of trust on locally executing software. Indeed, in addition to its availability on most commodity computers, TPM are totally free of cost unlike other available Hardware-Based devices while they o er the same level of security. Enhancing trust in SaaS services regarding the security and the privacy of the hosted SaaS application services can turn out to be a pertinent application scope of TMP. In this paper we present a design for a trusted SaaS model that gives cloud users more con dence into SaaS services by leveraging TPM functionalities combined with a trusted source code certifying authority facility. In our design, the cloud computing provider hosting the SaaS services acts as a root of trust by providing nal cloud users insurance on the integrity of the SaaS application service running on its platform. A new mechanism of multisignature is developed for computing a join signature of SaaS service software by the trusted authority and TPM. A prototype implementation of the proposed design shows that the integrity of SaaS application service before and after it was launched on a cloud provider platform is guaranteed at low cost.","PeriodicalId":201467,"journal":{"name":"9th International Conference on Information Technology Convergence and Services (ITCSE 2020)","volume":"66 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"TPM Based Design for Enhanced Trust in SaaS Services\",\"authors\":\"Mustapha Hedabou, Ali Azougaghe, A. Bentajer\",\"doi\":\"10.5121/csit.2020.100520\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"On the past decade, Trusted Platform Modules (TPM) have become a valuable tool for providing a high level of trust on locally executing software. Indeed, in addition to its availability on most commodity computers, TPM are totally free of cost unlike other available Hardware-Based devices while they o er the same level of security. Enhancing trust in SaaS services regarding the security and the privacy of the hosted SaaS application services can turn out to be a pertinent application scope of TMP. In this paper we present a design for a trusted SaaS model that gives cloud users more con dence into SaaS services by leveraging TPM functionalities combined with a trusted source code certifying authority facility. In our design, the cloud computing provider hosting the SaaS services acts as a root of trust by providing nal cloud users insurance on the integrity of the SaaS application service running on its platform. A new mechanism of multisignature is developed for computing a join signature of SaaS service software by the trusted authority and TPM. A prototype implementation of the proposed design shows that the integrity of SaaS application service before and after it was launched on a cloud provider platform is guaranteed at low cost.\",\"PeriodicalId\":201467,\"journal\":{\"name\":\"9th International Conference on Information Technology Convergence and Services (ITCSE 2020)\",\"volume\":\"66 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-05-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"9th International Conference on Information Technology Convergence and Services (ITCSE 2020)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.5121/csit.2020.100520\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"9th International Conference on Information Technology Convergence and Services (ITCSE 2020)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5121/csit.2020.100520","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
TPM Based Design for Enhanced Trust in SaaS Services
On the past decade, Trusted Platform Modules (TPM) have become a valuable tool for providing a high level of trust on locally executing software. Indeed, in addition to its availability on most commodity computers, TPM are totally free of cost unlike other available Hardware-Based devices while they o er the same level of security. Enhancing trust in SaaS services regarding the security and the privacy of the hosted SaaS application services can turn out to be a pertinent application scope of TMP. In this paper we present a design for a trusted SaaS model that gives cloud users more con dence into SaaS services by leveraging TPM functionalities combined with a trusted source code certifying authority facility. In our design, the cloud computing provider hosting the SaaS services acts as a root of trust by providing nal cloud users insurance on the integrity of the SaaS application service running on its platform. A new mechanism of multisignature is developed for computing a join signature of SaaS service software by the trusted authority and TPM. A prototype implementation of the proposed design shows that the integrity of SaaS application service before and after it was launched on a cloud provider platform is guaranteed at low cost.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
