Enhancing data privacy and integrity in the cloud

Proceedings of the 2011 International Conference on High Performance Computing and Simulation, HPCS 2011

Volumn , Issue , 2011, Pages 427-434

  Naruchitparames, Jeffrey ^a   Gunes, Mehmet Hadi ^a  

^a University of Nevada   (United States)

Author keywords

Cloud Infrastructure Security; Privacy Protection in Cloud Platforms and Operations

Indexed keywords

CLOUD SYSTEMS; COMPUTING PARADIGM; EXECUTION ENVIRONMENTS; INFRASTRUCTURE SECURITY; POTENTIAL USERS; PRIVACY PROTECTION IN CLOUD PLATFORMS AND OPERATIONS; SENSITIVE INFORMATIONS; TRUSTED COMPUTING; TRUSTED COMPUTING BASE; USER EXCHANGES;

COMPUTER SOFTWARE SELECTION AND EVALUATION; DATA PRIVACY;

CLOUD COMPUTING;

EID: 80053009214     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/HPCSim.2011.5999856     Document Type: Conference Paper

References (45)

1. C. Erway, A. Küpçü, C. Papamanthou, and R. Tamassia, "Dynamic provable data possession," in CCS '09: Proceedings of the 16th ACM conference on Computer and communications security. New York, NY, USA: ACM, 2009, pp. 213-222.
2. R. Gellmax, "Privacy in the clouds: Risks to privacy and confidentiality from cloud computing," World privacy forum, pp. 1-26, 2009.
3. R. Wauters, "More security loopholes found in google docs." [Online]. Available: http://techcrunch.com/2009/03/26/more-security-loopholes- found-in-google-docs/
4. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, "Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds," in CCS '09: Proceedings of the 16th ACM conference on Computer and communications security. New York, NY, USA: ACM, 2009, pp. 199-212.
5. E. Gallery and C. J. Mitchell, "Trusted computing: Security and applications," Cryptologia, (to appear).
6. "TCG architecture overview," August 2007, https://www. trustedcomputinggroup.org/groups/TCG-1-4-Architecture-Overview.pdf. [Online]. Available: https://www.trustedcomputinggroup.org/groups/-TCG-1-4-Architecture- Overview.pdf
7. R. Anderson, M. Bond, J. Clulow, and S. Skorobogatov, "Cryptographic processors - a survey," Proceedings of the IEEE, vol. 94, no. 2, pp. 357-369, February 2006.
8. W. A. Arbaugh, D. J. Farber, and J. M. Smith, "A secure and reliable bootstrap architecture," in IEEE Symposium on Security and Privacy. IEEE Computer Society, 1997, p. 65.
9. J. G. Dyer, M. Lindemann, R. Perez, R. Sailer, L. van Doorn, S. W. Smith, and S. Weingart, "Building the IBM 4758 secure coprocessor," Computer, vol. 34, no. 10, pp. 57-66, October 2001.
10. S. W. Smith, "Outbound authentication for programmable secure coprocessors," International Journal of Information Security, vol. 3, no. 1, pp. 28-41, October 2004.
11. "Trusted computing group," http://www.trustedcomputinggroup. org. [Online]. Available: http://www.trustedcomputinggroup.org
12. M. Peinado, Y. Chen, P. Engl, and J. Manferdelli, "NGSCB: A trusted open system," in 9th Australasian Conference on Information Security and Privacy. Springer, 2004, pp. 86-97.
13. "Trusted execution technology architectural overview," http://www.intel.com/technology/security. [Online]. Available: http://www.intel.com/technology/security
14. "IBM cryptographic coprocessors." [Online]. Available: http://www-03.ibm.com/security/cryptocards/
15. D. Kuhlmann, R. Landfermanny, H. V. Ramasamyz, M. Schunterz, G. Ramunno, and D. Vernizzi, "An open trusted computing architecture secure virtual machines enabling user-defined policy enforcement," June 2006. [Online]. Available: http://domino.watson.ibm.com/library/cyberdig.nsf/papers/ 7024C307EA0DFAEE852571D0003B10F3/File/rz3655.pdf
16. G. E. Suh, C. W. O'Donnell, and S. Devadas, "Aegis: A single-chip secure processor," IEEE Design & Test, vol. 24, no. 6, pp. 570-580, 2007.
17. B. Smyth and L. Chen, "Direct anonymous attestation (DAA): ensuring privacy with corrupt administrators," in 4th European Workshop on Security and Privacy in Ad hoc and Sensor Networks. Springer-Verlag, 2007, pp. 218-231.
18. S. Garriss, R. Cáceres, S. Berger, R. Sailer, L. van Doorn, and X. Zhang, "Towards trustworthy kiosk computing," in Eighth IEEE Workshop on Mobile Computing Systems and Applications. IEEE Computer Society, 2007, pp. 41-45.
19. B. A. Lamacchia, "Key challenges in DRM: An industry perspective," in ACM Workshop on Digital Rights Management, 2002.
20. T. Jaeger, P. Mcdaniel, and L. S. Clair, "Shame on trust in distributed systems," in 1st Workshop on Hot Topics in Security, 2006.
21. P. P. Tsang and V. K. Wei, "Short linkable ring signatures for e-voting, e-cash and attestation," in Information Security Practice and Experience. Springer, 2005, pp. 48-60.
22. H. Lhr, H. V. Ramasamy, A. reza Sadeghi, S. Schulz, M. Schunter, and C. Stble, "Enhancing grid security using trusted virtualization," in 2nd Workshop on Advances in Trusted Computing. Springer-Verlag, Berlin-Heidelberg, 2006, pp. 372-384.
23. N. Kuntze and A. U. Schmidt, "Trusted ticket systems and applications," in New Approaches for Security, Privacy and Trust in Complex Systems, vol. 232. Springer, 2007, pp. 49-60.
24. A. Pridgen, A. Pridgen, C. Julien, and C. Julien, "A secure modular mobile agent system," in International Workshop on Software. ACM Press, 2006, pp. 67-74.
25. M. van Dijk, J. Rhodes, L. F. G. Sarmenta, and S. De-vadas, "Offline untrusted storage with immediate detection of forking and replay attacks," in ACM workshop on Scalable trusted computing. ACM, 2007, pp. 41-48.
26. S. Balfe, A. D. Lakhani, and K. G. Paterson, "Trusted computing: Providing security for peer-to-peer networks," in Fifth IEEE International Conference on Peer-to-Peer Computing. IEEE Computer Society, 2005, pp. 117-124.
27. R. Sailer, T. Jaeger, X. Zhang, and L. V. Doorn, "Attestation-based policy enforcement for remote access," in 11th ACM conference on Computer and Communications Security. ACM Press, 2004, pp. 308-317.
28. S. Berger, R. Cceres, K. A. Goldman, R. Perez, R. Sailer, and L. Doorn, "vTPM virtualizing the trusted platform module," in 15th Usenix Security Symposium, 2006, pp. 305-320.
29. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh, "Terra: a virtual machine-based platform for trusted computing," in 19th Symposium on Operating System Principles. ACM Press, 2003, pp. 193-206.
30. D. Elkaduwe, P. Derrin, and K. Elphinstone, "Kernel design for isolation and assurance of physical memory," in IIES '08: Proceedings of the 1st workshop on Isolation and integration in embedded systems. New York, NY, USA: ACM, 2008, pp. 35-40.
31. G. Heiser, K. Elphinstone, I. Kuz, G. Klein, and S. M. Petters, "Towards trustworthy computing systems: taking microkernels to the next level," SIGOPS Oper. Syst. Rev., vol. 41, no. 4, pp. 3-11, 2007.
32. E. Cesena, G. Ramunno, and D. Vernizzi, "Secure storage using a sealing proxy," in Proceedings of the 1st European Workshop on System Security. New York, NY, USA: ACM, 2008, pp. 27-34.
33. U. Kühn and C. Stüble, "User-friendly and secure tpm-based hard disk key management," in Proceedings of First International Conference Future of Trust in Computing. Berlin, Germany: Vieweg+Teubner, 2009, pp. 171-177.
34. K. J. Biba, "Integrity considerations for secure computer systems," MITRE Corp., Tech. Rep., 04 1977.
35. T. Fraser, "Lomac: Low water-mark integrity protection for cots environments," in IEEE Symposium on Security and Privacy. IEEE Computer Society, 2000, pp. 230-245.
36. D. D. Clark and D. R. Wilson, "A Comparison of Commercial and Military Computer Security Policies," in IEEE Symposium on Security and Privacy. IEEE Computer Society Press, 1987, pp. 184-194.
37. E. Shi and A. Perrig, "Bind: A fine-grained attestation service for secure distributed systems," in IEEE Symposium on Security and Privacy, 2005, pp. 154-168.
38. M. Alam, X. Zhang, M. Nauman, T. Ali, and J.-P. Seifert, "Model-based behavioral attestation," in SACMAT '08: Proceedings of the 13th ACM symposium on Access control models and technologies. New York, NY, USA: ACM, 2008, pp. 175-184.
39. L. Chen, R. Landfermann, H. Löhr, M. Rohe, A.-R. Sadeghi, and C. Stüble, "A protocol for property-based attestation," in STC '06: Proceedings of the first ACM workshop on Scalable trusted computing. New York, NY, USA: ACM, 2006, pp. 7-16.
40. K. Goldman, R. Perez, and R. Sailer, "Linking remote attestation to secure tunnel endpoints," in Proceedings of the first ACM workshop on Scalable trusted computing. New York, NY, USA: ACM, 2006, pp. 21-24.
41. U. Shankar, T. Jaeger, T. Jaeger, R. Sailer, and R. Sailer, "Prima: policy-reduced integrity measurement architecture," in 11th Symposium on Access Control Models and Technologies. ACM Press, 2006.
42. A. Seshadri, M. Luk, E. Shi, A. Perrig, L. van Doorn, and P. Khosla, "Pioneer: Verifying integrity and guaranteeing execution of code on legacy platforms," in ACM Symposium on Operating Systems Principles, Oct. 2005, pp. 1-15.
43. J. M. McCune, A. Perrig, A. Seshadri, and L. van Doorn, "Turtles all the way down: research challenges in user-based attestation," in HOTSEC'07: Proceedings of the 2nd USENIX workshop on Hot topics in security. Berkeley, CA, USA: USENIX Association, 2007, pp. 1-5.
44. F. Stumpf, A. Fuchs, S. Katzenbeisser, and C. Eckert, "Improving the scalability of platform attestation," in STC '08: Proceedings of the 3rd ACM workshop on Scalable trusted computing. New York, NY, USA: ACM, 2008, pp. 1-10.
45. D. Hankerson, A. J. Menezes, and S. Vanstone, Guide to Elliptic Curve Cryptography. Secaucus, NJ, USA: SpringerVerlag New York, Inc., 2003.