Abstract
Trusted computing is a technology that enables computer systems to behave in a given expected way. This goal is achieved by equipping an isolated piece of hardware with embedded processing and cryptographic capabilities, such as an encryption key that is kept safe from software-layer attacks. This module is accessible to the rest of the computer system via a well-defined and tested application programming interface. Trusted computing protects the system against external attackers and even against the owner of the system. Cloud computing enables users to access vast amounts of computational resources remotely, in a seamless and ubiquitous manner. However, in some cloud deployment models, such as public cloud computing, users have very little control over how their own data is handled remotely and cannot be assured that it is securely processed and stored. Cloud administrators and other parties can be considered threats in such cases. Given the ground that the cloud has been gaining and the rate at which data is generated, transmitted, processed, and stored remotely, it is vital to protect that data using means that address the ubiquitous nature of the cloud, including trusted computing. This chapter investigates applications of trusted computing in cloud computing areas where security threats exist, namely in live virtual machine migration.
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Reza Memarian, M., Fernandes, D., Inácio, P., Leppänen, V., Conti, M. (2017). Applications of Trusted Computing in Cloud Context. In: Chaudhary, S., Somani, G., Buyya, R. (eds) Research Advances in Cloud Computing. Springer, Singapore. https://doi.org/10.1007/978-981-10-5026-8_18
DOI: https://doi.org/10.1007/978-981-10-5026-8_18
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-5025-1
Online ISBN: 978-981-10-5026-8
eBook Packages: Computer Science, Computer Science (R0)