Securely launching virtual machines on trustworthy platforms in a public cloud: An enterprise's perspective

CLOSER 2012 - Proceedings of the 2nd International Conference on Cloud Computing and Services Science

Volumn , Issue , 2012, Pages 511-521

  Aslam, Mudassar ^a   Gehrmann, Christian ^a   Rasmusson, Lars ^a   Björkman, Mats ^b  

^a SWEDISH INSTITUTE OF COMPUTER SCIENCE   (Sweden)

^b MÄLARDALEN UNIVERSITY   (Sweden)

Author keywords

Cloud computing; IaaS; Security; Trusted computing; Virtualization

Indexed keywords

INFRASTRUCTURE AS A SERVICE (IAAS); NETWORK SECURITY; TRUSTED COMPUTING; VIRTUALIZATION;

CLOUD PLATFORMS; CLOUD-COMPUTING; COMPUTING RESOURCE; INFRASTRUCTURE-AS-A-SERVICE; PLATFORM INTEGRITY; PUBLIC CLOUDS; SECURITY; SECURITY RISKS; SERVICE-CLOUD MODEL; VIRTUALIZATIONS;

VIRTUAL MACHINE;

EID: 84864878200     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (26)

1. acTvSM (2010). Advanced Cryptographic Trusted Virtual Security Module. http://www.iaik.tugraz.at/content/research/trustedcomputing/actvsm/.
2. Aslam, M. and Gehrmann, C. (2011). Security Considerations for Virtual Platform Provisioning. In ECIW '11: Proceedings of the 10th European Conference on Information Warfare and Security, pages 283-290, UK. The Institute of Cybernetics at the Tallinn University of Technology, Academic Publishing Limited.
3. Berger, S., Cáceres, R., Goldman, K. A., Perez, R., Sailer, R., and van Doorn, L. (2006). vTPM: Virtualizing the Trusted Platform Module. In USENIX-SS'06: Proceedings of the 15th Conference on USENIX Security Symposium, Berkeley, CA, USA. USENIX Association.
4. Chisnall, D. (2007). The Definitive Guide to the Xen Hypervisor (Prentice Hall Open Source Software Development Series). Prentice Hall PTR, Upper Saddle River, NJ, USA.
5. CircleID (2009). Survey: Cloud Computing 'No Hype', But Fear of Security and Control Slowing Adoption. http://www.circleid.com/posts/ 20090226cloudcomputinghypesecurity/.
6. Cloud Computing and Security (2010). Cloud Computing and Security - A Natural Match. http://www.trustedcomputinggroup.org/resources/cloud-computing- and-security-a-natural-match.
7. CSA Guide (2009). Security guidance for critical areas of focus in cloud computing. http://www.cloudsecurityalliance.org/guidance/csaguide.v2.1.pdf.
8. Frankel, S. and Krishnan, S. (2011). IP Security (IPsec) and Internet Key Exchange (IKE) Document Roadmap. RFC 6071 (Informational).
9. Gasmi, Y., Sadeghi, A.-R., Stewin, P., Unger, M., and Asokan, N. (2007). Beyond Secure Channels. In STC '07: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing, pages 30-40, New York, NY, USA. ACM.
10. Haldar, V., Chandra, D., and Franz, M. (2004). Semantic Remote Attestation - A Virtual Machine directed approach to Trusted Computing. In USENIX Virtual Machine Research and Technology Symposium, pages 29-41.
11. Huang, X. and Peng, Y. (2009). An Effective Approach for Remote Attestation in Trusted Computing. In WISA 2009: Proceedings of the 2nd International Symposium on Web Information Systems and Applications, pages 80-83, FIN-90571, OULU, FINLAND. Academy Publisher.
12. IMM (2006). TCG Infrastructure Architecture Part-II - Integrity Management. http://www.trustedcomputinggroup.org/resources.
13. Jansen, B., Ramasamy, H. V., and Schunter, M. (2006). Flexible Integrity Protection and Verification Architecture for Virtual Machine Monitors. In The Second Workshop on Advances in Trusted Computing (WATC 06 Fall.
14. Krutz, R. L. and Vines, R. D. (2010). Cloud Security: A Comprehensive Guide to Secure Cloud Computing. Wiley Publishing.
15. Landfermann, R., Kuhlmann, D., Kuhlmann, D., L, R., Ramasamy, H. V., Ramasamy, H. V., Schunter, M., Schunter, M., Ramunno, G., Ramunno, G., Vernizzi, D., and Vernizzi, D. (2006). D.: An Open Trusted Computing Architecture - Secure Virtual Machines Enabling User-defined Policy Enforcement. www.opentc.net.
16. Ormandy, T. (2007). An empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments. In Can Sec West.
17. Rocha, F. and Correia, M. (2011). Lucy in the sky without diamonds: Stealing confidential data in the cloud. Dependable Systems and Networks Workshops, 0:129-134.
18. Sailer, R., Zhang, X., Jaeger, T., and van Doorn, L. (2004). Design and implementation of a tcg-based integrity measurement architecture. In Proceedings of the 13th conference on USENIX Security Symposium - Volume 13, SSYM'04, pages 16-16, Berkeley, CA, USA. USENIX Association.
19. Somorovsky, J., Heiderich, M., and Jensen, M. (2011). All your clouds are belong to us: security analysis of cloud management interfaces. computing security.
20. TCG Architecture Overview (2007). TCG Specification Architecture Overview. http://www.trustedcomputinggroup.org/resources.
21. Threats, C. (2010). Top Threats to Cloud Computing. Technical Report Version 1.0, Cloud Security Alliance.
22. TMI (2010). TCG Trusted Multi-Tenant Infrastructure. http://www. trustedcomputinggroup.org/developers/tr-usted-multitenant-infrastructure.
23. TPM Commands (2007). TPM Specification, TPM Main Part-III Design Principles. http://www.trustedcomputinggroup.org/resources.
24. TSS (2007). TCG Software Stack (TSS) Specification. http://www. trustedcomputinggroup.org/resources.
25. Van Doorn, L. (2007). Trusted Computing Challenges. In STC '07: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing, pages 1-1, New York, NY, USA. ACM.
26. Vaquero, L. M., Rodero-Merino, L., and Morán, D. (2011). Locking the sky: a survey on iaas cloud security. Computing, 91:93-118.