Seeding clouds with trust anchors

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2010, Pages 43-48

  Schiffman, Joshua ^a   Moyer, Thomas ^a   Vijayakumar, Hayawardh ^a   Jaeger, Trent ^a   McDaniel, Patrick ^a  

^a PENNSYLVANIA STATE UNIVERSITY   (United States)

Author keywords

Security

Indexed keywords

CENTRALIZED MANAGEMENT; CLOUD COMPUTING; CLOUD DATA; CLOUD VENDORS; CRITICAL DATA; DATA SECURITY; PROCESSING NEEDS; SECURITY;

ACCESS CONTROL; CLOUD SEEDING; CLOUDS; CUSTOMER SATISFACTION; DATA HANDLING; SALES; TRANSPARENCY;

DISTRIBUTED COMPUTER SYSTEMS;

EID: 78650083239     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1866835.1866843     Document Type: Conference Paper

References (26)

1. ARBAUGH, W. A., FARBER, D. J., AND SMITH, J. M. A Secure and Reliable Bootstrap Architecture. In IEEE SP '97 (1997), IEEE Computer Society, p. 65.
2. BIBA, K. J. Integrity Considerations for Secure Computer Systems. Tech. Rep. MTR-3153, MITRE, April 1977.
3. CHEN, H., LI, N., AND MAO, Z. Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems. In NDSS (2009).
4. CLAIR, L. S., SCHIFFMAN, J., JAEGER, T., AND MCDANIEL, P. Establishing and sustaining system integrity via root of trust installation. In ACSAC (Dec. 2007).
5. CLARK, D. D., AND WILSON, D. R. A Comparison of Commercial and Military Computer Security Policies. Security and Privacy 00 (1987), 184.
6. DATTA, A., FRANKLIN, J., GARG, D., AND KAYNAR, D. A Logic of Secure Systems and its Application to Trusted Computing. In IEEE SP '09 (May 2009).
7. Eucalyptus. http://www.eucalyptus.com/.
8. Forrester Research. Conventional Wisdom Is Wrong About Cloud IaaS. http://www.forrester.com.
9. HOWARD, M., PINCUS, J., AND WING, J. M. Measuring Relative Attack Surfaces. In Proceedings of Workshop on Advanced Developments in Software and Systems Security (2003).
10. IDC. The Single Biggest Reason Public Clouds Will Dominate the Next Era of IT. http://blogs.idc.com/ie/?p=345.
11. JAEGER, T., SAILER, R., AND SHANKAR, U. PRIMA: Policy-Reduced Integrity Measurement Architecture. In Proceedings of the 11th ACM SACMAT (2006).
12. KAUER, B. Oslo: improving the security of trusted computing. In 16th USENIX Security Symposium (Berkeley, CA, USA, 2007), USENIX Association, pp. 1-9.
13. KLEIN, G., ET AL. seL4: Formal Verification of an OS Kernel. In SOSP '09 (2009), ACM, pp. 207-220.
14. MCCUNE, J. M., PERRIG, A., AND REITER, M. K. Safe Passage for Passwords and Other Sensitive Data. In NDSS (Feb. 2009).
15. MOYER, T., BUTLER, K., SCHIFFMAN, J., MCDANIEL, P., AND JAEGER, T. Scalable Web Content Attestation. In ACSAC '09 (2009).
16. NAGARAJAN, A., VARADHARAJAN, V., HITCHENS, M., AND GALLERY, E. Property based attestation and trusted computing: Analysis and challenges. In International Conference on Network and System Security (Washington, DC, USA, 2009), IEEE Computer Society, pp. 278-285.
17. PARNO, B., MCCUNE, J. M., AND PERRIG, A. Bootstrapping trust in commodity computers. In IEEE SP '10 (May 2010).
18. RISTENPART, T., TROMER, E., SHACHAM, H., AND SAVA G E, S. Hey, You, Get Off of my Cloud: Exploring Information Leakage in Third-Party Compute Clouds. In CCS '09, ACM.
19. SAILER, R., ZHANG, X., JAEGER, T., AND VAN DOORN, L. Design and Implementation of a TCG-based Integrity Measurement Architecture. In USENIX-SS '04 (Aug. 2004), USENIX Association.
20. SANTOS, N., GUMMADI, K. P., AND RODRIGUES, R. Towards trusted cloud computing. In Proceedings of USENIX HotCloud'09: Workshop on Hot Topics in Cloud Computing (San Diego, CA, June 2009).
21. SCHIFFMAN, J., JAEGER, T., AND MCDANIEL, P. Network-based Root of Trust for Installation. Tech. Rep. Technical Report NAS-TR-0135-2010, Network and Security Research Center, June 2010.
22. SCHIFFMAN, J., MOYER, T., SHAL, C., JAEGER, T., AND MCDANIEL, P. Justifying integrity using a Virtual Machine Verifier. In ACSAC '09 (2009), ACSA.
23. SHI, E., PERRIG, A., AND VAN DOORN, L. BIND: A Fine-Grained Attestation Service for Secure Distributed Systems. In IEEE SP '05 (2005), IEEE Computer Society.
24. SHRIVASTAVA, S. Satem: Trusted Service Code Execution across Transactions. In SRDS '06 (2006), IEEE Computer Society, pp. 337-338.
25. SMITH, S. W. Outbound Authentication for Programmable Secure Coprocessors. In ESORICS (Oct. 2002).
26. VIJAYAKUMAR, H., JAKKA, G., RUEDA, S., SCHIFFMAN, J., AND JAEGER, T. Integrity Walls: Finding attack surfaces from mandatory access control policies. Tech. Rep. NAS-TR-0124-2010, NSRC, Feb. 2010.