Outbound Authentication for Programmable Secure Coprocessors
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
BIND: A Fine-Grained Attestation Service for Secure Distributed Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
PRIMA: policy-reduced integrity measurement architecture
Proceedings of the eleventh ACM symposium on Access control models and technologies
Satem: Trusted Service Code Execution across Transactions
SRDS '06 Proceedings of the 25th IEEE Symposium on Reliable Distributed Systems
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
OSLO: improving the security of trusted computing
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
A Logic of Secure Systems and its Application to Trusted Computing
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Proceedings of the 16th ACM conference on Computer and communications security
Property Based Attestation and Trusted Computing: Analysis and Challenges
NSS '09 Proceedings of the 2009 Third International Conference on Network and System Security
Justifying Integrity Using a Virtual Machine Verifier
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Scalable Web Content Attestation
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Bootstrapping Trust in Commodity Computers
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Towards trusted cloud computing
HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
Twin clouds: secure cloud computing with low latency
CMS'11 Proceedings of the 12th IFIP TC 6/TC 11 international conference on Communications and multimedia security
RepCloud: achieving fine-grained cloud TCB attestation with reputation systems
Proceedings of the sixth ACM workshop on Scalable trusted computing
Security analysis of public cloud computing
International Journal of Communication Networks and Distributed Systems
Policy-sealed data: a new abstraction for building trusted cloud services
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Lightweight distributed heterogeneous attested android clouds
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
A framework for establishing trust in the Cloud
Computers and Electrical Engineering
Proceedings of the 2012 ACM conference on Computer and communications security
Trusted VM snapshots in untrusted cloud infrastructures
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Trusted launch of virtual machine instances in public iaas environments
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Verifying cloud services: present and future
ACM SIGOPS Operating Systems Review
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Client-controlled cryptography-as-a-service in the cloud
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
Customers with security-critical data processing needs are beginning to push back strongly against using cloud computing. Cloud vendors run their computations upon cloud provided VM systems, but customers are worried such host systems may not be able to protect themselves from attack, ensure isolation of customer processing, or load customer processing correctly. To provide assurance of data processing protection in clouds to customers, we advocate methods to improve cloud transparency using hardware-based attestation mechanisms. We find that the centralized management of cloud data centers is ideal for attestation frameworks, enabling the development of a practical approach for customers to trust in the cloud platform. Specifically, we propose a cloud verifier service that generates integrity proofs for customers to verify the integrity and access control enforcement abilities of the cloud platform that protect the integrity of customer's application VMs in IaaS clouds. While a cloud-wide verifier service could present a significant system bottleneck, we demonstrate that aggregating proofs enables significant overhead reductions. As a result, transparency of data security protection can be verified at cloud-scale.