Communications of the ACM
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Computer
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
BIND: A Fine-Grained Attestation Service for Secure Distributed Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
vTPM: virtualizing the trusted platform module
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Sharing networked resources with brokered leases
ATEC '06 Proceedings of the annual conference on USENIX '06 Annual Technical Conference
Flicker: an execution infrastructure for tcb minimization
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Towards trusted cloud computing
HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
Device driver safety through a reference validation mechanism
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Nexus authorization logic (NAL): Design rationale and applications
ACM Transactions on Information and System Security (TISSEC)
Lightweight distributed heterogeneous attested android clouds
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Hi-index | 0.01 |
The applications we use are increasingly packaged as network services running in the cloud under the control of a service provider. Users of these services have no basis to determine if these services are trustworthy, beyond the assurances of the service provider. Our work addresses the problem of how to build support for trustworthy services in the cloud, within the context of a larger trust management framework. This paper shows how users can gain insights and trust into service applications by leveraging trust in a neutral third party: a cloud provider that hosts application services on an infrastructure and platform that it controls. A trusted cloud provider may act as a root of trust to attest cloud-hosted services to their clients---a trusted platform cloud. We have prototyped this approach in a trusted platform-as-a-service cloud provider supporting a Python/Django web framework. The cloud provider seals instances of service applications and attests their Python source code to external users. Once launched and attested, service instances run with an independent identity and are isolated from tampering by the cloud customer, except through well-defined operator interfaces that are part of the service definition.