
2014 | OriginalPaper | Chapter

Towards a Trusted Launch Mechanism for Virtual Machines in Cloud Computing

Authors : Juan Wang, Xuhui Xie, Qingfei Wang, Fei Yan, Hongxin Hu, Sijun Zhou, Tao Wang

Published in: Cloud Computing

Publisher: Springer International Publishing


Abstract

Although cloud computing lets providers dynamically provision servers to meet a wide range of needs, the paradigm also brings many new security challenges. The security of virtual machines (VMs) is one such critical challenge. However, existing techniques for VM security, such as Terra, tboot and Intel TXT, focus mainly on the security of the environment in which a VM runs; there is no protection mechanism for the VMs themselves in clouds. In this paper, we propose a trusted launch solution for virtual machines (TLVM), comprising four systematic mechanisms, image encryption, measurement, attestation and security-enhanced authentication, for protecting VMs in clouds. We also describe a proof-of-concept implementation of our approach. Our experimental results demonstrate that our solution can feasibly protect the whole launch process of a VM.
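The abstract names four mechanisms but does not show how they fit together at launch time. The following Python model is an added illustration, not code from the paper or its proof-of-concept: a VM image stored encrypted, each component the host loads measured into a TPM-style PCR by hash extension, a nonce-bound attestation quote sent to a verifier, and the image decryption key released only when the quoted PCR equals a known-good value. The names (`Host`, `Verifier`, `trusted_launch`), the sample blobs, and the cryptographic stand-ins are all assumptions of this example: HMAC-SHA256 replaces the TPM's asymmetric attestation key signature, and an HMAC-SHA256 counter-mode keystream replaces AES, so the block runs with the standard library only. The paper's fourth mechanism, security-enhanced authentication of the user, is not modelled.

```python
# Added example (not the paper's code): a simplified TLVM-style launch flow.
# Stand-ins, by assumption: HMAC-SHA256 for the TPM AIK signature on the
# quote, and an HMAC-SHA256 counter-mode keystream for AES on the image.
import hashlib
import hmac
import os
import struct


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: PCR_new = H(PCR_old || measurement)."""
    return sha256(pcr + measurement)


def expected_pcr(golden_components):
    """Replay the extend sequence over known-good component blobs."""
    pcr = bytes(32)
    for blob in golden_components:
        pcr = pcr_extend(pcr, sha256(blob))
    return pcr


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Counter-mode stream built from HMAC-SHA256 (stand-in for AES-CTR)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + struct.pack(">Q", i // 32), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def encrypt_image(key: bytes, image: bytes):
    """Image encryption: the image leaves the owner only as ciphertext."""
    nonce = os.urandom(16)
    return nonce, _keystream_xor(key, nonce, image)


def decrypt_image(key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    return _keystream_xor(key, nonce, ciphertext)


class Host:
    """Compute node: measures everything it loads, then quotes its PCR."""

    def __init__(self, aik: bytes):
        self.aik = aik            # attestation key (symmetric stand-in, by assumption)
        self.pcr = bytes(32)      # PCR starts at all zeros, as on a real TPM

    def measure(self, blob: bytes) -> None:
        self.pcr = pcr_extend(self.pcr, sha256(blob))

    def quote(self, nonce: bytes) -> dict:
        sig = hmac.new(self.aik, self.pcr + nonce, hashlib.sha256).digest()
        return {"pcr": self.pcr, "nonce": nonce, "sig": sig}


class Verifier:
    """Attestation service holding the golden PCR and the image key."""

    def __init__(self, aik: bytes, golden_pcr: bytes, image_key: bytes):
        self.aik, self.golden_pcr, self.image_key = aik, golden_pcr, image_key
        self.pending = set()      # nonces issued but not yet answered

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self.pending.add(nonce)
        return nonce

    def release_key(self, quote: dict):
        """Return the image key only for a fresh, authentic, golden quote."""
        if quote["nonce"] not in self.pending:
            return None                        # replayed or unsolicited quote
        self.pending.discard(quote["nonce"])   # each nonce is single use
        expected_sig = hmac.new(self.aik, quote["pcr"] + quote["nonce"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected_sig, quote["sig"]):
            return None                        # quote not signed by the enrolled AIK
        if not hmac.compare_digest(quote["pcr"], self.golden_pcr):
            return None                        # host is not in the known-good state
        return self.image_key


def trusted_launch(host: Host, verifier: Verifier, loaded_components, nonce: bytes, ciphertext: bytes):
    """Measure, attest, obtain the key, decrypt. Returns None if launch is refused."""
    for blob in loaded_components:
        host.measure(blob)
    key = verifier.release_key(host.quote(verifier.challenge()))
    if key is None:
        return None
    return decrypt_image(key, nonce, ciphertext)


if __name__ == "__main__":
    # Constructed sample inputs, not real binaries.
    aik, image_key = os.urandom(32), os.urandom(32)
    hypervisor, vm_config, image = b"hypervisor-v1", b"vm-config", b"VM image bytes" * 4
    nonce, ct = encrypt_image(image_key, image)
    verifier = Verifier(aik, expected_pcr([hypervisor, vm_config, ct]), image_key)
    print(trusted_launch(Host(aik), verifier, [hypervisor, vm_config, ct], nonce, ct) == image)
    print(trusted_launch(Host(aik), verifier, [b"hypervisor-rootkit", vm_config, ct], nonce, ct))
```

The verifier refuses the key on any of three failures a practitioner should test for separately: a replayed quote (stale nonce), a quote from an unenrolled attestation key, and a host whose measured hypervisor, VM configuration or image ciphertext differs from the golden values. Measuring the image ciphertext ties the launch to a specific image as well as to a specific host state.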


Literature
1. Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: a virtual machine-based platform for trusted computing. ACM SIGOPS Operating Systems Review 37(5), 193–206 (2003)
4. Azab, A.M., Ning, P., Wang, Z., Jiang, X., Zhang, X., Skalsky, N.C.: HyperSentry: enabling stealthy in-context measurement of hypervisor integrity. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS 2010), pp. 38–49. ACM (2010)
5. Dai, W., Jin, H., Zou, D., Xu, S., Zheng, W., Shi, L.: TEE: a virtual DRTM based execution environment for secure cloud-end computing. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS 2010). ACM, New York (2010)
6. Challener, D., Yoder, K., Catherman, R.: A Practical Guide to Trusted Computing. Pearson Education, Indianapolis (2008)
7. Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS 2004). ACM Press (2004)
8. Azab, A.M., Ning, P., Zhang, X.: SICE: a hardware-level strongly isolated computing environment for x86 multi-core platforms. In: Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS 2011), pp. 375–388. ACM, New York (2011)
9. Suh, G.E., Clarke, D., Gassend, B., et al.: Hardware mechanisms for memory integrity checking. Technical Report MIT-LCS-TR-872, MIT (2003)
10. Maheshwari, U., Vingralek, R., Shapiro, W.: How to build a trusted database system on untrusted storage. In: Proceedings of the 4th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2000) (2000)
11. Tomonori, F., Masanori, O.: Protecting the integrity of an entire file system. In: First IEEE International Workshop on Information Assurance (2003)
12. Santos, N., Gummadi, K.P., Rodrigues, R.: Towards trusted cloud computing. In: Proceedings of the 2009 Conference on Hot Topics in Cloud Computing (HotCloud 2009). USENIX Association, Berkeley (2009)
13. Schiffman, J., Moyer, T., Vijayakumar, H., Jaeger, T., McDaniel, P.: Seeding clouds with trust anchors. In: Proceedings of the 2010 ACM Workshop on Cloud Computing Security (CCSW 2010), pp. 43–46. ACM, New York (2010)
14. Aslam, M., Gehrmann, C., Rasmusson, L., Bjorkman, M.: Securely launching virtual machines on trustworthy platforms in a public cloud: an enterprise's perspective. In: Leymann, F., Ivanov, I., van Sinderen, M., Shan, T. (eds.) CLOSER 2012, pp. 511–521. SciTePress, Copenhagen (2012)
15. Paladi, N., Gehrmann, C., Aslam, M., Morenius, F.: Trusted launch of virtual machine instances in public IaaS environments. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol. 7839, pp. 309–323. Springer, Heidelberg (2013)
Metadata
Title
Towards a Trusted Launch Mechanism for Virtual Machines in Cloud Computing
Authors
Juan Wang
Xuhui Xie
Qingfei Wang
Fei Yan
Hongxin Hu
Sijun Zhou
Tao Wang
Copyright Year
2014
DOI
https://doi.org/10.1007/978-3-319-05506-0_9