Abstract
One of the underpinnings of cloud computing security is the trustworthiness of individual cloud servers. Due to the ongoing discovery of runtime software vulnerabilities like buffer overflows, it is critical to be able to gauge the trustworthiness of a cloud server as it operates. The purpose of this chapter is to discuss trust-enhancing technologies in cloud computing, specifically remote attestation of cloud servers. We will discuss how remote attestation can provide higher assurance that cloud providers can be trusted to properly handle a customer’s computation and/or data. Then we will focus on the modeling of the runtime integrity of a cloud server, which determines the level of assurance that remote attestation can offer. Specifically, we propose scoped invariants as a primitive for analyzing the software system for its integrity properties. We report our experience with the modeling and detection of scoped invariants for the Xen virtual machine manager.
Recommended Reading
- Armbrust M, Fox A, Griffith R, Joseph AD, et al. (2009) Above the clouds: A Berkeley view of cloud computing. Technical Report UCB/EECS-2009–28, 2009. Available at http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009–28.html
- Brown A and Chase J (2011) Trusted Platform-as-a-Service: A Foundation for Trustworthy Cloud-Hosted Applications. ACM Cloud Computing Security Workshop, October 2011.
- Haeberlen A (2010) A case for the accountable cloud. ACM SIGOPS Operating Systems Review, Volume 44 Issue 2, April 2010.
- Hoglund G, Butler J (2005) Rootkits: subverting the Windows kernel. Addison-Wesley Professional, Boston, Massachusetts, 2005.
Copyright information
© 2013 Springer-Verlag London
About this chapter
Cite this chapter
Wei, J., Pu, C., Rozas, C.V., Rajan, A., Zhu, F. (2013). Modeling the Runtime Integrity of Cloud Servers: A Scoped Invariant Perspective. In: Pearson, S., Yee, G. (eds) Privacy and Security for Cloud Computing. Computer Communications and Networks. Springer, London. https://doi.org/10.1007/978-1-4471-4189-1_6
DOI: https://doi.org/10.1007/978-1-4471-4189-1_6
Publisher Name: Springer, London
Print ISBN: 978-1-4471-4188-4
Online ISBN: 978-1-4471-4189-1
eBook Packages: Computer Science (R0)