An Implementation of Trusted Remote Attestation Oriented the IaaS Cloud

The hosting service model of cloud computing raises the issue of the trustworthiness of cloud providers, which is a serious obstacle to wider adoption of cloud-based services. Based on open source components of the TCG (Trusted Computing Group) and IBM's IMA (Integrity Measurement Architecture), this paper designed and implemented a remote attestation architecture and protocol to verify the trustworthiness of users' virtual machines in an IaaS cloud. Meanwhile, acting as the verification agent, a Trusted Third Party minimized the disclosure of cloud configuration information and ensured the privacy of the cloud. The experiments demonstrated that this architecture added little extra cost while providing a trustworthiness guarantee.
