ISCAS OpenIR
obtaining the integrity of your virtual machine in the cloud
Yu Aimin; Qin Yu; Wang Dan
2011
会议名称2011 3rd IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2011
会议录名称Proceedings - 2011 3rd IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2011
页码213-222
会议日期November 29, 2011 - December 1, 2011
会议地点Athens, Greece
收录类别EI
ISBN9780769546223
部门归属(1) State Key Laboratory of Information Security Institute of Software Chinese Academy of Science Beijing China
摘要Infrastructure-as-a-service(IaaS) cloud provides the user the ability to use the computing resource of the cloud provider through renting a virtual machine(VM). At the same time it becomes an essential requirement for the user to verify the integrity of his VM. In this paper we designed and implemented TCG(trusted computing group)-based remote attestation for the Xen VM under the assumption that the trusted platform module(TPM) and hypervisor are secure and the privileged domain0 may be malicious. Firstly we realized load-time integrity measurement of the guest OS(operating system) kernel in the hypervisor directly and built the trust chain that is independent of the domain0. Secondly we realized the virtualized AIK(attestation identity key) and PCR(platform configuration register) that simulated the security functions of TPM AIK and PCR and supported VM migration, save and restore operations. Finally through the prototype implementation it is shown that the code complexity and the performance overhead are acceptable for the real system. © 2011 IEEE.; Infrastructure-as-a-service(IaaS) cloud provides the user the ability to use the computing resource of the cloud provider through renting a virtual machine(VM). At the same time it becomes an essential requirement for the user to verify the integrity of his VM. In this paper we designed and implemented TCG(trusted computing group)-based remote attestation for the Xen VM under the assumption that the trusted platform module(TPM) and hypervisor are secure and the privileged domain0 may be malicious. Firstly we realized load-time integrity measurement of the guest OS(operating system) kernel in the hypervisor directly and built the trust chain that is independent of the domain0. Secondly we realized the virtualized AIK(attestation identity key) and PCR(platform configuration register) that simulated the security functions of TPM AIK and PCR and supported VM migration, save and restore operations. Finally through the prototype implementation it is shown that the code complexity and the performance overhead are acceptable for the real system. © 2011 IEEE.
关键词Computer Simulation Thermoelectric Power
主办者University of Piraeus, Department of Digital Systems; OpenGridForum; IEEE; IEEE Computer Society; Cloud Computing Society; Univ. Aegean, Dep. Inf. Commun. Syst. Eng.
语种英语
内容类型会议论文
URI标识http://ir.iscas.ac.cn/handle/311060/16305
专题中国科学院软件研究所
推荐引用方式
GB/T 7714
Yu Aimin,Qin Yu,Wang Dan. obtaining the integrity of your virtual machine in the cloud[C],2011:213-222.
条目包含的文件
条目无相关文件。
个性服务
推荐该条目
保存到收藏夹
查看访问统计
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Yu Aimin]的文章
[Qin Yu]的文章
[Wang Dan]的文章
百度学术
百度学术中相似的文章
[Yu Aimin]的文章
[Qin Yu]的文章
[Wang Dan]的文章
必应学术
必应学术中相似的文章
[Yu Aimin]的文章
[Qin Yu]的文章
[Wang Dan]的文章
相关权益政策
暂无数据
收藏/分享
所有评论 (0)
暂无评论
 

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。