An authentication framework for peer-to-peer cloud
Proceedings of the 6th International Conference on Security of Information and Networks
| Hi-index | 0.00 |
Infrastructure-as-a-service(IaaS) cloud provides the user the ability to use the computing resource of the cloud provider through renting a virtual machine(VM). At the same time it becomes an essential requirement for the user to verify the integrity of his VM. In this paper we designed and implemented TCG(trusted computing group)-based remote attestation for the Xen VM under the assumption that the trusted platform module(TPM) and hyper visor are secure and the privileged domain0 may be malicious. Firstly we realized load-time integrity measurement of the guest OS(operating system) kernel in the hyper visor directly and built the trust chain that is independent of the domain0. Secondly we realized the virtualized AIK(attestation identity key) and PCR(platform configuration register) that simulated the security functions of TPM AIK and PCR and supported VM migration, save and restore operations. Finally through the prototype implementation it is shown that the code complexity and the performance overhead are acceptable for the real system.