Enhancing grid security using trusted virtualization

Authors:
Hans Löhr;HariGovind V. Ramasamy;Ahmad-Reza Sadeghi;Stefan Schulz;Matthias Schunter;Christian Stüble
Affiliations:
Horst-Görtz-Institute for IT-Security, Ruhr-University Bochum, Germany;IBM Zurich Research Laboratory Rüschlikon, Switzerland;Horst-Görtz-Institute for IT-Security, Ruhr-University Bochum, Germany;Max-Planck Institut für Eisenforschung, Germany;IBM Zurich Research Laboratory Rüschlikon, Switzerland;Horst-Görtz-Institute for IT-Security, Ruhr-University Bochum, Germany
Venue:
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Year:
2007

Citing 17
Cited 13

Understanding Code Mobility

IEEE Transactions on Software Engineering
A security architecture for computational grids

CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Towards Trust-Aware Resource Management in Grid Computing Systems

CCGRID '02 Proceedings of the 2nd IEEE/ACM International Symposium on Cluster Computing and the Grid
Terra: a virtual machine-based platform for trusted computing

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Direct anonymous attestation

Proceedings of the 11th ACM conference on Computer and communications security
Property-based attestation for computing platforms: caring about properties, not mechanisms

NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Addressing the trust asymmetry problem in grid computing with encrypted computation

LCR '04 Proceedings of the 7th workshop on Workshop on languages, compilers, and run-time support for scalable systems
The Anatomy of the Grid: Enabling Scalable Virtual Organizations

International Journal of High Performance Computing Applications
Result Verification and Trust-Based Scheduling in Peer-to-Peer Grids

P2P '05 Proceedings of the Fifth IEEE International Conference on Peer-to-Peer Computing
Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
PRIMA: policy-reduced integrity measurement architecture

Proceedings of the eleventh ACM symposium on Access control models and technologies
Daonity: grid security with behaviour conformity from trusted computing

Proceedings of the first ACM workshop on Scalable trusted computing
Shamon: A System for Distributed Mandatory Access Control

ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Countering security threats in service-oriented on-demand grid computing using sandboxing and trusted computing techniques

Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
Design and implementation of a TCG-based integrity measurement architecture

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Sandboxing for a free-to-join grid with support for secure site-wide storage area

VTDC '06 Proceedings of the 2nd International Workshop on Virtualization Technology in Distributed Computing
GridSec: trusted grid computing with security binding and self-defense against network worms and DDoS attacks

ICCS'05 Proceedings of the 5th international conference on Computational Science - Volume Part III

Towards Trust Services for Language-Based Virtual Machines for Grid Computing

Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Securing Grid Workflows with Trusted Computing

ICCS '08 Proceedings of the 8th international conference on Computational Science, Part III
Secure Sharing of an ICT Infrastructure through Vinci

AIMS '08 Proceedings of the 2nd international conference on Autonomous Infrastructure, Management and Security: Resilient Networks and Services
Trusted Computing: Security and Applications

Cryptologia
Towards platform-independent trusted computing

Proceedings of the 2009 ACM workshop on Scalable trusted computing
A secure DVB set-top box via trusting computing technologies

CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
Improving reliability of a heterogeneous grid-based intrusion detection platform using levels of redundancies

Future Generation Computer Systems
Trusted computing and provenance: better together

TAPP'10 Proceedings of the 2nd conference on Theory and practice of provenance
Attestation of integrity of overlay networks

Journal of Systems Architecture: the EUROMICRO Journal
Lightweight distributed heterogeneous attested android clouds

TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Single Attestation Image for a Trusted and Scalable Grid

International Journal of Grid and High Performance Computing
Security policy verification in grid systems

Proceedings of the 6th International Conference on Security of Information and Networks
Reliable accounting in grids

International Journal of High Performance Computing and Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

Grid applications increasingly have sophisticated functional and security requirements. Current techniques mostly protect the grid resource provider from attacks by the grid user, while leaving the user comparatively dependent on the well-behavior of the provider. We present the key components for a trustworthy grid architecture and address this trust asymmetry by using a combination of trusted computing and virtualization technologies. We propose a scalable offline attestation protocol, which allows the selection of trustworthy partners in the grid with low overhead. By providing multilateral security, i.e., security for both the grid user and the grid provider, our protocol increases the confidence that can be placed on the correctness of a grid computation and on the protection of user-provided assets.