tsd: a flexible root of trust for the cloud

ISCAS OpenIR

	tsd: a flexible root of trust for the cloud
	Chang Dexian; Chu Xiaobo; Qin Yu; Feng Dengguo
	2012
会议名称	11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012
会议录名称	Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012
页码	119-126
会议日期	June 25, 2012 - June 27, 2012
会议地点	Liverpool, United kingdom
收录类别	EI
ISBN	9780769547459
部门归属	(1) Institute of Software Chinese Academy of Sciences Beijing China; (2) Electronic Technology Institute Information Engineering University Zhengzhou China
摘要	Due to the tight one-to-one binding relationship between the TPM and the single platform lacks of flexibility and scalability, the Trusted Platform Module (TPM) can not be directly applied to the cloud virtualization platform, on which concurrently running several user domains (VMs). For establishing the trust in the cloud, we propose the Trusted Service Domain (TSD), as a novel root of trust for the cloud. Being an independent functional domain, the TSD is able to provide the trusted service for the multiple user domains on the cloud virtualization platform. We firstly extend the existing trusted chain to secure the TSD, and generate the independent key hierarchies for the user domains in the TSD to support the cryptography service and secure storage. Then we design the secure communication mechanism to protect the inter-domain data, and present the migration scheme for the TSD in the cloud. Finally, we detailed our implementation of the prototype system and analyze the security of the TSD. Preliminary experiment results showed that the TSD has higher efficiency than the existing schemes on the trusted commands handling and the migration, which satisfied flexible deployment and rapidly migration requirements of the cloud virtualization platform. © 2012 IEEE.; Due to the tight one-to-one binding relationship between the TPM and the single platform lacks of flexibility and scalability, the Trusted Platform Module (TPM) can not be directly applied to the cloud virtualization platform, on which concurrently running several user domains (VMs). For establishing the trust in the cloud, we propose the Trusted Service Domain (TSD), as a novel root of trust for the cloud. Being an independent functional domain, the TSD is able to provide the trusted service for the multiple user domains on the cloud virtualization platform. We firstly extend the existing trusted chain to secure the TSD, and generate the independent key hierarchies for the user domains in the TSD to support the cryptography service and secure storage. Then we design the secure communication mechanism to protect the inter-domain data, and present the migration scheme for the TSD in the cloud. Finally, we detailed our implementation of the prototype system and analyze the security of the TSD. Preliminary experiment results showed that the TSD has higher efficiency than the existing schemes on the trusted commands handling and the migration, which satisfied flexible deployment and rapidly migration requirements of the cloud virtualization platform. © 2012 IEEE.
关键词	Computer Privacy Digital Storage Ubiquitous Computing
主办者	University of Bradford; IEEE Technical Committee on Scalable Computing (TCSC); IEEE; IEEE Computer Society
语种	英语
内容类型	会议论文
URI标识	http://ir.iscas.ac.cn/handle/311060/15865
专题	中国科学院软件研究所
推荐引用方式 GB/T 7714	Chang Dexian,Chu Xiaobo,Qin Yu,et al. tsd: a flexible root of trust for the cloud[C],2012:119-126.