The Eigentrust algorithm for reputation management in P2P networks
WWW '03 Proceedings of the 12th international conference on World Wide Web
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Experience with an object reputation system for peer-to-peer filesharing
NSDI'06 Proceedings of the 3rd conference on Networked Systems Design & Implementation - Volume 3
TVDc: managing security in the trusted virtual datacenter
ACM SIGOPS Operating Systems Review
Turtles all the way down: research challenges in user-based attestation
Proceedings of the 2nd workshop on Recent advances on intrusiton-tolerant systems
Property-Based Attestation without a Trusted Third Party
ISC '08 Proceedings of the 11th international conference on Information Security
Improving the scalability of platform attestation
Proceedings of the 3rd ACM workshop on Scalable trusted computing
A survey of attack and defense techniques for reputation systems
ACM Computing Surveys (CSUR)
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Proceedings of the 16th ACM conference on Computer and communications security
Cloud security is not (just) virtualization security: a short paper
Proceedings of the 2009 ACM workshop on Cloud computing security
NoHype: virtualized cloud infrastructure without the virtualization
Proceedings of the 37th annual international symposium on Computer architecture
TrustVisor: Efficient TCB Reduction and Attestation
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Towards trusted cloud computing
HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
Private virtual infrastructure for cloud computing
HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
Trusted computing and provenance: better together
TAPP'10 Proceedings of the 2nd conference on Theory and practice of provenance
Seeding clouds with trust anchors
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
A framework for establishing trust in the Cloud
Computers and Electrical Engineering
| Hi-index | 0.01 |
Security concerns for emerging cloud computing models have become the focus of much research, but little of this targets the underlying infrastructure. Trusted Cloud proposals generally assert that the Trusted Computing Base (TCB) of the cloud should be clearly defined and attested to. However, specific characteristics of trust in the cloud make such solutions difficult to implement in an effective and practical way. We present RepCloud, a reputation system for managing decentralised attestation metrics in the cloud. We observe that as being deterministic and tamper-proof, trust evidence generated by the TCG framework can be efficiently transmitted within the cloud. In a web of nodes with high connectivity and mutual-attestation frequency, corrupted nodes can be identified effectively. By modelling this web with RepCloud, we achieved a fine-grained cloud TCB attestation scheme with high confidence for trust. Cloud users can determine the security properties of the exact nodes that may affect the genuine functionalities of their applications, without obtaining much internal information of the cloud. Experiments showed that besides achieved fine-grained attestation RepCloud still incurred lower trust management overhead than existing trusted cloud proposals.