Applications of Trusted Computing in Cloud Context

Research Advances in Cloud Computing

Abstract

Trusted computing is a technology that enables computer systems to behave in a given expected way. This goal is achieved by equipping an isolated piece of hardware with embedded processing and cryptographic capabilities, such as an encryption key that is kept safe from software-layer attacks. This module is accessible to the rest of the computer system via a well-defined and tested application programming interface. Trusted computing protects the system against external attackers and even against the owner of the system. Cloud computing enables users to access vast amounts of computational resources remotely, in a seamless and ubiquitous manner. However, in some cloud deployment models, such as public cloud computing, users have very little control over how their own data is handled remotely and cannot be assured that their data is securely processed and stored. Cloud administrators and other parties can be considered threats in such cases. Given the ground that cloud computing has been gaining and the rate at which data is generated, transmitted, processed, and stored remotely, it is vital to protect that data using means that address the ubiquitous nature of the cloud, including trusted computing. This chapter investigates applications of trusted computing in cloud computing areas where security threats exist, namely in live virtual machine migration.

Correspondence to Ville Leppänen.

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this chapter

Cite this chapter

Reza Memarian, M., Fernandes, D., Inácio, P., Leppänen, V., Conti, M. (2017). Applications of Trusted Computing in Cloud Context. In: Chaudhary, S., Somani, G., Buyya, R. (eds) Research Advances in Cloud Computing. Springer, Singapore. https://doi.org/10.1007/978-981-10-5026-8_18

  • DOI: https://doi.org/10.1007/978-981-10-5026-8_18

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-5025-1

  • Online ISBN: 978-981-10-5026-8

  • eBook Packages: Computer Science, Computer Science (R0)
