Seeding clouds with trust anchors

Schiffman, Joshua; Moyer, Thomas; Vijayakumar, Hayawardh; Jaeger, Trent; McDaniel, Patrick

doi:10.1145/1866835.1866843

Cited by 83 publications

(44 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…An impediment of this arrangement is that the trusted organizer keeps up data about all hosts sent on the IaaS stage, making it an important focus to an enemy who endeavors to uncover people in general IaaS supplier to security assaults. A decentralized way to deal with honesty confirmation is embraced by Schiffman et al [2] to address the restricted straightforwardness of IaaS stages and versatility limits forced by outsider trustworthiness confirmation instruments. The creators portray a trusted engineering where inhabitants confirm the uprightness of IaaS has through a trusted cloud verifier intermediary set in the cloud supplier space.…”

Section: A Trusted Launchmentioning

confidence: 99%

“…We depict distributed storage security systems that permit simple information relocation between suppliers without influencing its confidentiality. Graf et al [2] exhibited an IaaS stockpiling security conspire tending to get to control. The creators break down get to rights administration of shared formed scrambled information on cloud framework for a limited gathering and propose a versatile and flexible key administration conspire.…”

Section: B Secure Storagementioning

confidence: 99%

“…Get to rights are spoken to as a diagram, making a refinement between information encryption keys and scrambled updates on the keys and empowering flexible join/leave customer operations, like properties displayed by the conventions in this paper. Regardless of its favorable circumstances, the prerequisite for customer side encryption confines the materialness of the plan in [2] and presents critical utilitarian restrictions on ordering and inquiry. In our model, every single cryptographic operation are performed on trusted IaaS process has, which can distribute more computational assets than customer gadgets.…”

Section: B Secure Storagementioning

confidence: 99%

“…Be that as it may, the unpredictability of innovation hidden distributed computing presents novel security dangers and difficulties. Dangers and relief procedures for the IaaS display have been under concentrated investigation lately [1], [2], [3], [4], while the business has put resources into improved security arrangements and issued best practice suggestions [5]. From an end-client perspective the security of cloud framework suggests obvious trust in the cloud supplier, at times verified by reports of outside examiners.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Security Based Infrastructure for cloud Storage system in terms of Public Data

Rani

2017

IJRASET

View full text Add to dashboard Cite

The framework cloud (IaaS) benefit demonstrate offers enhanced asset flexibility and accessibility, where occupantsprotected from the details of equipment upkeep -lease registering assets to send and work complex frameworks. Substantial scale administrations running on IaaS stages exhibit the practicality of this model; all things considered, numerous associations working on delicate information abstain from moving operations to IaaS stages because of security concerns. In this paper, we portray a system for information and operation security in IaaS, comprising of conventions for a trusted dispatch of virtual machines and space based capacity insurance. We proceed with a broad hypothetical examination with proofs about convention resistance against assaults in the defined risk demonstrate. The conventions enable trust to be set up by remotely bearing witness to have stage configuration before propelling visitor virtual machines and guarantee confidentiality of information in remote stockpiling, with encryption keys kept up outside of the IaaS space. Exhibited exploratory outcomes show the legitimacy and efficiency of the proposed conventions. The structure model was executed on a proving ground working an open electronic wellbeing record framework, demonstrating that the proposed conventions can be incorporated into existing cloud conditions. Index Terms: Security; Cloud Computing; Storage Protection; Trusted Computing. I. INTRODUCTIONCloud computing has progressed from a bold vision to massive deployments in different application spaces. Be that as it may, the unpredictability of innovation hidden distributed computing presents novel security dangers and difficulties. Dangers and relief procedures for the IaaS display have been under concentrated investigation lately [1], [2], [3], [4], while the business has put resources into improved security arrangements and issued best practice suggestions [5]. From an end-client perspective the security of cloud framework suggests obvious trust in the cloud supplier, at times verified by reports of outside examiners. While suppliers may offer security improvements, for example, assurance of information very still, end-clients have restricted or no power over such instruments. There is a reasonable requirement for usable and practical cloud stage security components appropriate for associations that depend on cloud framework. One such system is stage honesty verification for figure has that help the virtualized cloud framework. Sever allarge cloud vendors have signal edpractical implementations of this mechanism, primarily to protect the cloud infrastructure from insider threats and advanced persistent threats. We see two major improvement vectors regarding these implementations. First, details of such proprietary solutions are not disclosed and can thus not be implemented and improved by other cloud platforms. Second, to the best of our knowledge, none of the solutions provides cloud tenants a proof regarding the integrity of compute hosts supporting their slic...

show abstract

Section: A Trusted Launchmentioning

confidence: 99%

Section: B Secure Storagementioning

confidence: 99%

Section: B Secure Storagementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Security Based Infrastructure for cloud Storage system in terms of Public Data

Rani

2017

IJRASET

View full text Add to dashboard Cite

show abstract

“…Thus, it provides the means to achieve verifiability and transparency of a trusted platform's software state. Trusted Computing enables the establishment of trusted execution environments in commodity cloud infrastructures [37,36]. However, the reliable and efficient attestation of execution environments at run-time remains an open research problem.…”

Section: Trusted Computingmentioning

confidence: 99%

Twin Clouds: Secure Cloud Computing with Low Latency

Bugiel

Nürnberger

Sadeghi

et al. 2011

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Cloud computing promises a cost effective enabling technology to outsource storage and massively parallel computations. However, existing approaches for provably secure outsourcing of data and arbitrary computations are either based on tamper-proof hardware or fully homomorphic encryption. The former approaches are not scaleable, while the latter ones are currently not efficient enough to be used in practice.We propose an architecture and protocols that accumulate slow secure computations over time and provide the possibility to query them in parallel on demand by leveraging the benefits of cloud computing. In our approach, the user communicates with a resource-constrained Trusted Cloud (either a private cloud or built from multiple secure hardware modules) which encrypts algorithms and data to be stored and later on queried in the powerful but untrusted Commodity Cloud. We split our protocols such that the Trusted Cloud performs security-critical precomputations in the setup phase, while the Commodity Cloud computes the time-critical query in parallel under encryption in the query phase.

show abstract

Security and trust preserving inter‐ and intra‐cloud VM migrations

2020

View full text Add to dashboard Cite

This paper focus on providing a secure and trustworthy solution for virtual machine (VM) migration within an existing cloud provider domain, and/or to the other federating cloud providers. The infrastructure-as-a-service (IaaS) cloud service model is mainly addressed to extend and complement the previous Trusted Computing techniques for secure VM launch and VM migration case. The VM migration solution proposed in this paper uses a Trust_Token based to guarantee that the user VMs can only be migrated and hosted on a trustworthy and/or compliant cloud platforms. The possibility to also check the compliance of the cloud platforms with the pre-defined baseline configurations makes our solution compatible with an existing widely accepted standards-based, security-focused cloud frameworks like FedRAMP. Our proposed solution can be used for both inter-and intra-cloud VM migrations. Different from previous schemes, our solution is not dependent on an active (on-line) trusted third party; that is, the trusted third party only performs the platform certification and is not involved in the actual VM migration process. We use the Tamarin solver to realize a formal security analysis of the proposed migration protocol and show that our protocol is safe under the Dolev-Yao intruder model. Finally, we show how our proposed mechanisms fulfill major security and trust requirements for secure VM migration in cloud environments.

show abstract

Seeding clouds with trust anchors

Cited by 83 publications

References 16 publications

A Security Based Infrastructure for cloud Storage system in terms of Public Data

A Security Based Infrastructure for cloud Storage system in terms of Public Data

Twin Clouds: Secure Cloud Computing with Low Latency

Security and trust preserving inter‐ and intra‐cloud VM migrations

Contact Info

Product

Resources

About