DOI: 10.4018/978-1-4666-4801-2.ch004
OpenAccess: Closed

Trusted Cloud Initiative Reference Architecture

Yushi Shen, Ling Wu, Yale Li, Shaofeng Liu, Qian Wen

The Trusted Cloud Initiative helps cloud providers develop industry-recommended, secure, and interoperable identity, access, and compliance management configurations and practices. The Trusted Cloud Initiative is to develop reference models and provide education in a vendor-neutral manner, inclusive of all CSA members and affiliates who wish to participate. The Trusted Cloud Initiative Reference Architecture is both a methodology and a set of tools, enabling security architects, enterprise architects, and risk management professionals to leverage a common set of solutions to fulfill their common needs. It enables them to assess their internal IT service and that of their cloud providers in terms of security capabilities, and to plan a roadmap to meet the security needs of their business. The purpose of this quick guide is to take a user through the Trusted Cloud architecture much like an owner’s manual walks a consumer through a product.
Related Papers:
DOI: 10.1007/978-3-540-79499-8_36
2007
Building Trusted Sub-domain for the Grid with Trusted Computing
The Grid is all about collaboration, which is supported by dynamic, multi-institutional virtual organizations (VO). The fact that Grid users and resource providers often suffer from attacks outside or inside the VO makes it necessary to build a trusted sub-domain. The TCG (Trusted Computing Group) proposes Trusted Computing (TC) to enhance users' trust on today's open architecture platforms by adding a tamper-resistant hardware module called Trusted Platform Module (TPM) to the end system. In this paper, we propose and design an open-source security system based on Linux and TPM hardware to extend the trust on the platform to the Grid environment, and hereby provide sharing of trusted environment. Especially, we demonstrate how to build a trusted sub-domain for the Grid with our system by using trusted attestation and migration based on the TC.
DOI: 10.1109/greencom-ithings-cpscom.2013.398
2013
Cited 10 times
Establishment of Security Levels in Trusted Cloud Computing Platforms
Cloud computing, which provides online resources as a service to users, brings a technology revolution in the IT world. However, data security and privacy on the cloud is an important issue, becoming the biggest barrier to cloud computing development. A Trusted Cloud Computing Platform (TCCP) based on remote attestation builds a trusted cloud for tenants. The critical section is the centralized Trusted Coordinator, taking the place of tenants to authenticate nodes individually in the cloud computing platform. But when a lot of tenants apply for nodes at the same time, the Trusted Coordinator (TC) may not be able to deal with these requests quickly. To address this problem, we propose the establishment of security levels for different applications in TCCPs, which divides the Trusted Coordinator into three, each responsible for authenticating a different kind of application. The TC would implement different authentication policies, such as user password comparison, image hash verification and trusted chain measurement, according to different security levels.
DOI: 10.4028/www.scientific.net/amm.571-572.400
2014
The Study of Network Information System Security Strategy Based on Trusted Cloud Computing
This paper analyzed functions of the network information system based on trusted computing and trusted computing platform based on cloud computing. Raised the propose to expand the application of trusted computing technology to network information system, to meet the needs of cloud computing of trusted computing, trusted cloud computing, implement the trusted cloud computing. In our design, will take the Trusted Computing Platform (TCP) as the basis of cloud computing system, provide some important security functions to ensure the communication and data security. Finally put forward the implement methods.
DOI: 10.4028/www.scientific.net/amr.532-533.1064
2012
The Implementation of Trusted Computing Based Network Trusted Management Information System
In this paper, the application of Trusted Computing Platform is discussed. It is pointed out that the purpose of network management information system by trusted Computing platform is to set up a trusted network system. Based on the analysis of the environment of the trusted network information management system, we employ a trusted computing model in the information system of graduate student at our university. The implementation of network trusted management information system indicates that this method will improve the security of information system.
DOI: 10.4028/www.scientific.net/amm.416-417.1444
2013
Study on the Design of Trusted Secure Cloud System Structure
The ordinary cloud system is confronted with various threats in trust and security perspective, which have influenced the extensive use of cloud system. Aiming at the defects in the trusted secure design of the ordinary cloud system frame, a trusted secure cloud system has been designed.
DOI: 10.1145/2660267.2662383
2014
Cited 5 times
POSTER
In this paper, a framework of end to end (E2E) trusted cloud infrastructure is proposed. On one end of the cloud provider, the trusted chain is extended to VMM and VM by trusted measurement and remote attestation, which can assure the trust of VMM and VM. On another end of the cloud terminal, the trusted mechanism is used to protect the terminal security. For the trust of cloud network, trusted network connect (TNC) is leveraged to protect the security of communication between the cloud provider and the cloud terminal. The E2E trusted cloud infrastructure provides an E2E trusted protection for cloud computing. In addition, it can support the Chinese cryptographic algorithm (SMx) based on TPM 2.0.
DOI: 10.1109/sar-ssi.2011.5931361
2011
Cited 20 times
Trusted Platform Module as an Enabler for Security in Cloud Computing
This paper studies the possibility of using TCG (Trusted Computing Group) specifications to establish trust in Cloud Computing, especially between the provider of Cloud Computing infrastructures and his customers. The first part describes the context and the motivations that led to TCG specifications. The second part describes the architecture, the functions and the properties of TPM (Trusted Platform Module) which is the root of trust in TCG. The last part analyses several approaches to adapt TPM in order to build trust in Cloud computing.
DOI: 10.1049/cp.2015.0838
2015
Study on security management model based on trusted agent in mobile cloud computing environment
On the base of introducing key techniques such as mobile cloud computing, the trusted third party, REST services, etc, this paper elaborated the construction steps of agent model, introduced the access mode of mobile cloud computing based on proxy, designed a security management model based on trusted agent who acts as a trusted third party to provide multiple levels, and distributed end-to-end security services.
MAG: 2377184255
2005
The Research on Constructing a Network Based on Trusted Computing
The paper mainly analyzes the architecture of trusted computing and the architecture of the networks that is based on trusted computing, and then gives some suggestions on how to build the trusted computing network.
MAG: 2391359728
2013
Design and Implementation of Proprietary Cloud Virtualization Security Management System
Through the thorough analysis and research the development present situation of cloud computing trusted network technology at home and abroad, combined with the construction target and needs of small and medium-sized enterprise cloud computing information security, by building a proprietary cloud trusted network architecture, to clarify the key elements and trusted technology of build a trusted network, systematically carried out research on the key technology of trusted virtual machine, virtual trusted gateway, and through the simulation test and test analysis of network in small and medium-sized enterprises to further verify the rationality of the results, formed a relatively complete proprietary cloud trusted network enhancement solution.
MAG: 2395948942
2014
Construction and Verification of the Trusted Cloud Service.
MAG: 2508973909
2012
Trustworthy Computing and Services: International Conference, ISCTCS 2012, Beijing, China, May/June 2012, Revised Selected Papers
DOI: 10.1201/9781315372112-31
2016
◾ Locking Down Cloud Servers
MAG: 2574775466
2015
A Security Protocol for Trusted Access to Cloud Environment
DOI: 10.14801/jkiit.2015.13.5.65
2015
Improving Trusted Cloud Computing Platform with Hybrid Security Protocols
MAG: 2915744583
2018
Trusted Platform Module for Security in Cloud Computing
MAG: 2922659072
2018
Secured data in cloud computing using Trusted/ platform
DOI: 10.5220/0010558905600567
Open Access
2021
Cloud Key Management using Trusted Execution Environment
DOI: 10.1007/978-3-642-35795-4_25
2012
An Implementation of Trusted Remote Attestation Oriented the IaaS Cloud
The hosting service model of cloud computing brings trustworthiness issue of cloud providers, which is a serious obstacle for wider adoption of cloud-based services. Based on open source components of TCG (Trusted Computing Group) and IBM’s IMA (Integrity Measurement Architecture), this paper designed and implemented a remote attestation architecture and protocol to verify the trustworthiness of users’ virtual machine in IaaS cloud. Meanwhile, as the verification agent, Trusted Third Party minimized cloud configuration information disclosure, ensured the privacy of cloud. The experiments demonstrated that this architecture brought little extra cost while provided trustworthiness guarantee. Keywords: trustworthiness, remote attestation, cloud computing, IaaS, virtual machine
“Trusted Cloud Initiative Reference Architecture” is a paper by Yushi Shen, Ling Wu, Yale Li, Shaofeng Liu and Qian Wen published in the journal Advances in systems analysis, software engineering, and high performance computing book series in 2014. It has an Open Access status of “closed”.