A Software Architecture for Introducing Trust in Java-Based Clouds

  • Siegfried Podesser
  • Ronald Toegl
Part of the Communications in Computer and Information Science book series (CCIS, volume 186)

Abstract

The distributed software paradigms of grid and cloud computing offer massive computational power at commodity prices. Unfortunately, a number of security risks exist. In this paper we propose a software architecture which leverages the Trusted Computing principle of Remote Attestation to assess the trustworthiness of nodes in computing clouds. We combine hardware security based on the Trusted Platform Module and Intel Trusted Execution Technology with an integrity-guaranteeing virtualization platform. Cloud services are offered by an easy-to-use Java middleware that performs role-based access control and trust decisions hidden from the developer.

Keywords

  • Trusted Computing
  • Cloud Computing

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Siegfried Podesser (1)
  • Ronald Toegl (1)
  1. Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Graz, Austria