Toward enhancing trust in cloud computing environment

Authors: Bingyu Zou, Huanguo Zhang
Published in: 2011 2nd International Conference on Control, Instrumentation and Automation (ICCIA), 2011-12-01
DOI: 10.1109/ICCIAUTOM.2011.6183990 (https://doi.org/10.1109/ICCIAUTOM.2011.6183990)

Cloud computing is becoming more and more popular. It saves cloud users the budget to purchase relatively expensive and easily outdated hardware and the energy to maintain systems, but some compromises come along as well: the computing environment and the stored data are out of the user's control, which puts cloud users on the horns of a dilemma. For cloud users to have more faith in the security of the computing environment and data on the remote, uncontrolled cloud, trust should be built between them. It is easier to trust when you can verify. We take advantage of the sealed storage feature of trusted computing to improve traditional trust chain technology, providing a dual verifiable trusted bootstrap that makes sure each compartment involved in system bootstrap has not been maliciously changed. We extend the trust chain to memory by developing monitoring tools in the privileged domain that use features provided by the virtual machine monitor to monitor and record the runtime states of security-critical applications in the targeted virtual machine instance. Measurements of system configuration stored in the platform configuration registers of the TPM, along with the runtime states of applications in the cloud user's VM, are reported to the corresponding cloud user through remote attestation, which is also a key feature of trusted computing, in order to provide genuine evidence to the cloud user.