Building Trusted Sub-domain for the Grid with Trusted Computing
The Grid is all about collaboration, which is supported by dynamic, multi-institutional virtual organizations (VOs). The fact that Grid users and resource providers often suffer from attacks from outside or inside the VO makes it necessary to build a trusted sub-domain. The TCG (Trusted Computing Group) proposes Trusted Computing (TC) to enhance users' trust in today's open architecture platforms by adding a tamper-resistant hardware module called the Trusted Platform Module (TPM) to the end system. In this paper, we propose and design an open-source security system based on Linux and TPM hardware to extend the trust in the platform to the Grid environment, and thereby provide sharing of a trusted environment. In particular, we demonstrate how to build a trusted sub-domain for the Grid with our system by using trusted attestation and migration based on TC.
Establishment of Security Levels in Trusted Cloud Computing Platforms
Cloud computing, which provides online resources as a service to users, brings a technology revolution to the IT world. However, data security and privacy in the cloud is an important issue and has become the biggest barrier to cloud computing development. A Trusted Cloud Computing Platform (TCCP) based on remote attestation builds a trusted cloud for tenants. The critical part is the centralized Trusted Coordinator, which takes the place of tenants to authenticate nodes individually in the cloud computing platform. But when many tenants apply for nodes at the same time, the Trusted Coordinator (TC) may be unable to deal with these requests quickly. To address this problem, we propose the establishment of security levels for different applications in TCCPs, which divides the Trusted Coordinator into three, each responsible for authenticating a different kind of application. The TC would implement different authentication policies, such as user password comparison, image hash verification and trusted chain measurement, according to the different security levels.
The Study of Network Information System Security Strategy Based on Trusted Cloud Computing
This paper analyzes the functions of a network information system based on trusted computing and of a trusted computing platform based on cloud computing. It proposes expanding the application of trusted computing technology to the network information system, to meet cloud computing's need for trusted computing and to implement trusted cloud computing. In our design, the Trusted Computing Platform (TCP) is taken as the basis of the cloud computing system and provides some important security functions to ensure communication and data security. Finally, implementation methods are put forward.
The Implementation of Trusted Computing Based Network Trusted Management Information System
In this paper, the application of the Trusted Computing Platform is discussed. It is pointed out that the purpose of a network management information system built on a trusted computing platform is to set up a trusted network system. Based on an analysis of the environment of the trusted network information management system, we employ a trusted computing model in the graduate student information system at our university. The implementation of the network trusted management information system indicates that this method will improve the security of the information system.
Study on the Design of Trusted Secure Cloud System Structure
The ordinary cloud system is confronted with various threats from the trust and security perspective, which have affected the extensive use of cloud systems. Aiming at the defects in the trusted secure design of the ordinary cloud system frame, a trusted secure cloud system has been designed.
In this paper, a framework for an end-to-end (E2E) trusted cloud infrastructure is proposed. At one end, the cloud provider, the trusted chain is extended to the VMM and VM by trusted measurement and remote attestation, which can assure the trust of the VMM and VM. At the other end, the cloud terminal, the trusted mechanism is used to protect terminal security. For the trust of the cloud network, Trusted Network Connect (TNC) is leveraged to protect the security of communication between the cloud provider and the cloud terminal. The E2E trusted cloud infrastructure provides E2E trusted protection for cloud computing. In addition, it can support the Chinese cryptographic algorithms (SMx) based on TPM 2.0.
Trusted Platform Module as an Enabler for Security in Cloud Computing
This paper studies the possibility of using TCG (Trusted Computing Group) specifications to establish trust in Cloud Computing, especially between the provider of Cloud Computing infrastructures and its customers. The first part describes the context and the motivations that led to the TCG specifications. The second part describes the architecture, the functions and the properties of the TPM (Trusted Platform Module), which is the root of trust in TCG. The last part analyses several approaches to adapting the TPM in order to build trust in Cloud Computing.
Study on security management model based on trusted agent in mobile cloud computing environment
After introducing key techniques such as mobile cloud computing, the trusted third party and REST services, this paper elaborates the construction steps of the agent model, introduces the proxy-based access mode of mobile cloud computing, and designs a security management model based on a trusted agent that acts as a trusted third party to provide multi-level, distributed end-to-end security services.
Design and Implementation of Proprietary Cloud Virtualization Security Management System
Through thorough analysis and research of the current state of development of cloud computing trusted network technology at home and abroad, combined with the construction targets and needs of cloud computing information security for small and medium-sized enterprises, this work builds a proprietary cloud trusted network architecture to clarify the key elements and trusted technologies for building a trusted network, systematically carries out research on the key technologies of the trusted virtual machine and the virtual trusted gateway, and, through simulation tests and test analysis of networks in small and medium-sized enterprises, further verifies the rationality of the results, forming a relatively complete proprietary cloud trusted network enhancement solution.
An Implementation of Trusted Remote Attestation Oriented the IaaS Cloud
The hosting service model of cloud computing raises the issue of the trustworthiness of cloud providers, which is a serious obstacle to wider adoption of cloud-based services. Based on open source components of the TCG (Trusted Computing Group) and IBM's IMA (Integrity Measurement Architecture), this paper designed and implemented a remote attestation architecture and protocol to verify the trustworthiness of users' virtual machines in the IaaS cloud. Meanwhile, as the verification agent, the Trusted Third Party minimized cloud configuration information disclosure and ensured the privacy of the cloud. The experiments demonstrated that this architecture brought little extra cost while providing a trustworthiness guarantee.
Keywords: trustworthiness, remote attestation, cloud computing, IaaS, virtual machine