
Towards Trust Services for Language-Based Virtual Machines for Grid Computing

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC, volume 4968)


The concept of Trusted Computing (TC) promises a new approach to improving the security of computer systems. The core functionality, based on a hardware component known as the Trusted Platform Module (TPM), is integrated into commonly available hardware. Still, only limited software support exists, especially in the context of grid computing. This paper discusses why platform-independent virtual machines (VMs), with their inherent security features, are an ideal environment for trusted applications and services. Based on different TC architectures building a chain-of-trust, a VM can be executed in a secure way. This chain-of-trust can be extended at run-time by considering the identity of the application code and by deriving attestable properties from the VM's configuration. An interface that provides applications with TC services such as sealing or remote attestation, regardless of the underlying host architecture, is discussed.


  • Virtual Machine
  • Application Program Interface
  • Trusted Third Party
  • Trusted Platform Module
  • Access Control Model

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Vejda, T., Toegl, R., Pirker, M., Winkler, T. (2008). Towards Trust Services for Language-Based Virtual Machines for Grid Computing. In: Lipp, P., Sadeghi, AR., Koch, KM. (eds) Trusted Computing - Challenges and Applications. Trust 2008. Lecture Notes in Computer Science, vol 4968. Springer, Berlin, Heidelberg.


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-68978-2

  • Online ISBN: 978-3-540-68979-9

  • eBook Packages: Computer Science, Computer Science (R0)