myTrustedCloud: Trusted Cloud Infrastructure for Security-critical Computation and Data Management

Cloud Computing provides an optimal infrastructure to utilise and share both computational and data resources whilst allowing a pay-per-use model, useful to cost-effectively manage hardware investment or to maximise its utilisation. Cloud Computing also offers transitory access to scalable amounts of computational resources, something that is particularly important due to the time and financial constraints of many user communities. The growing number of communities that are adopting large public cloud resources such as Amazon Web Services [1] or Microsoft Azure [2] proves the success and hence usefulness of the Cloud Computing paradigm. Nonetheless, the typical use cases for public clouds involve non-business-critical applications, particularly where the security of applications run, or of data deposited, within shared public services is a binding requirement. In this paper, a use case is presented illustrating how the integration of Trusted Computing technologies into an available cloud infrastructure -- Eucalyptus -- allows the security-critical energy industry to exploit the flexibility and potential economic benefits of the Cloud Computing paradigm for their business-critical applications.

[1] Mohammad Nauman, et al. Towards platform-independent trusted computing, 2009, STC '09.

[2] B.F. Wollenberg, et al. Toward a smart grid: power delivery for the 21st century, 2005, IEEE Power and Energy Magazine.

[3] A. W. McMorran, et al. Developing emerging standards for power system data exchange to enable interoperable and scalable operational modelling and analysis, 2012.

[4] Andrew P. Martin, et al. On the Feasibility of Remote Attestation for Web Services, 2009, 2009 International Conference on Computational Science and Engineering.

[5] Fabrice Bellard, et al. QEMU, a Fast and Portable Dynamic Translator, 2005, USENIX Annual Technical Conference, FREENIX Track.

[6] Steven Hand, et al. Improving Xen security through disaggregation, 2008, VEE '08.

[7] Trent Jaeger, et al. Design and Implementation of a TCG-based Integrity Measurement Architecture, 2004, USENIX Security Symposium.

[8] Paul England, et al. Practical Techniques for Operating System Attestation, 2008, TRUST.

[9] N. Nusrat, et al. Developing novel information and communications technology based solutions for smart distribution network operation, 2010, 45th International Universities Power Engineering Conference UPEC2010.

[10] Richard Wolski, et al. The Eucalyptus Open-Source Cloud-Computing System, 2009, 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid.

[11] Ahmad-Reza Sadeghi, et al. Property-based attestation for computing platforms: caring about properties, not mechanisms, 2004, NSPW '04.

[12] A. Kivity, et al. kvm: the Linux Virtual Machine Monitor, 2007.