Institutional Repository
| obtaining the integrity of your virtual machine in the cloud | |
| Yu Aimin; Qin Yu; Wang Dan | |
| 2011 | |
| Conference Name | 2011 3rd IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2011 |
| Source | Proceedings - 2011 3rd IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2011 |
| Pages | 213-222 |
| Conference Date | November 29, 2011 - December 1, 2011 |
| Conference Place | Athens, Greece |
| Indexed Type | EI |
| ISBN | 9780769546223 |
| Department | (1) State Key Laboratory of Information Security Institute of Software Chinese Academy of Science Beijing China |
| English Abstract | Infrastructure-as-a-service(IaaS) cloud provides the user the ability to use the computing resource of the cloud provider through renting a virtual machine(VM). At the same time it becomes an essential requirement for the user to verify the integrity of his VM. In this paper we designed and implemented TCG(trusted computing group)-based remote attestation for the Xen VM under the assumption that the trusted platform module(TPM) and hypervisor are secure and the privileged domain0 may be malicious. Firstly we realized load-time integrity measurement of the guest OS(operating system) kernel in the hypervisor directly and built the trust chain that is independent of the domain0. Secondly we realized the virtualized AIK(attestation identity key) and PCR(platform configuration register) that simulated the security functions of TPM AIK and PCR and supported VM migration, save and restore operations. Finally through the prototype implementation it is shown that the code complexity and the performance overhead are acceptable for the real system. © 2011 IEEE.; Infrastructure-as-a-service(IaaS) cloud provides the user the ability to use the computing resource of the cloud provider through renting a virtual machine(VM). At the same time it becomes an essential requirement for the user to verify the integrity of his VM. In this paper we designed and implemented TCG(trusted computing group)-based remote attestation for the Xen VM under the assumption that the trusted platform module(TPM) and hypervisor are secure and the privileged domain0 may be malicious. Firstly we realized load-time integrity measurement of the guest OS(operating system) kernel in the hypervisor directly and built the trust chain that is independent of the domain0. Secondly we realized the virtualized AIK(attestation identity key) and PCR(platform configuration register) that simulated the security functions of TPM AIK and PCR and supported VM migration, save and restore operations. Finally through the prototype implementation it is shown that the code complexity and the performance overhead are acceptable for the real system. © 2011 IEEE. |
| Keyword | Computer Simulation Thermoelectric Power |
| Sponsorship | University of Piraeus, Department of Digital Systems; OpenGridForum; IEEE; IEEE Computer Society; Cloud Computing Society; Univ. Aegean, Dep. Inf. Commun. Syst. Eng. |
| Language | 英语 |
| Content Type | 会议论文 |
| URI | http://ir.iscas.ac.cn/handle/311060/16305 |
| Collection | 中国科学院软件研究所 |
| Recommended Citation GB/T 7714 | Yu Aimin,Qin Yu,Wang Dan. obtaining the integrity of your virtual machine in the cloud[C],2011:213-222. |
| Files in This Item: | There are no files associated with this item. | |||||
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment