Secure and reliable VM-vTPM migration in private cloud

Cloud computing, which has emerged as one of the most influential paradigms in the IT industry in recent years, is powered by virtualization technology. To achieve energy efficiency, load balancing and high availability of physical servers in a cloud data center, virtual machines should be migrated from one physical server to another. During the migration process, steps should be taken to protect the user's data and privacy. Extending trusted computing to virtual systems using vTPMs can make a virtual machine more secure and reliable, so a vTPM should be migrated to the destination platform together with its corresponding virtual machine. However, most existing research focuses only on the migration of the VM without considering vTPM migration. Moreover, the current migration protocols are not secure enough. In this paper, we focus on the secure implementation of virtual machine migration from one platform to another in the private cloud model. We propose a thorough and secure VM-vTPM migration scheme. In this scheme we first propose a vTPM key structure that makes non-migratable vTPM keys migratable. We then leverage this structure to construct a secure VM-vTPM migration protocol that includes three phases: the first phase is a dual authentication between the source platform and the destination platform, the second phase is the migration of the vTPM, and the third phase is the migration of the VM. Finally, we analyze the security of our protocol to make sure that it realizes all the security goals, such as confidentiality and integrity, authentication of the source and destination platforms, preservation of the association between VM and vTPM, and atomicity of the transfer.
