Title :
Implementing Trust in Cloud Infrastructures
Author :
Neisse, Ricardo ; Holling, Dominik ; Pretschner, Alexander
Author_Institution :
Fraunhofer IESE, Kaiserslautern, Germany
Abstract :
Today´s cloud computing infrastructures usually require customers who transfer data into the cloud to trust the providers of the cloud infrastructure. Not every customer is willing to grant this trust without justification. It should be possible to detect that at least the configuration of the cloud infrastructure -- as provided in the form of a hyper visor and administrative domain software -- has not been changed without the customer´s consent. We present a system that enables periodical and necessity-driven integrity measurements and remote attestations of vital parts of cloud computing infrastructures. Building on the analysis of several relevant attack scenarios, our system is implemented on top of the Xen Cloud Platform and makes use of trusted computing technology to provide security guarantees. We evaluate both security and performance of this system. We show how our system attests the integrity of a cloud infrastructure and detects all changes performed by system administrators in a typical software configuration, even in the presence of a simulated denial-of-service attack.
Keywords :
cloud computing; computer network security; data integrity; Xen cloud platform; administrative domain software; cloud computing infrastructures trust; data transfer; necessity-driven integrity measurement; simulated denial-of-service attack; software configuration; trusted computing technology; Cloud computing; Driver circuits; Hardware; Kernel; Security; Virtual machine monitors; cloud computing; runtime integrity checking; trust; trusted computing;
Conference_Titel :
Cluster, Cloud and Grid Computing (CCGrid), 2011 11th IEEE/ACM International Symposium on
Conference_Location :
Newport Beach, CA
Print_ISBN :
978-1-4577-0129-0
Electronic_ISBN :
978-0-7695-4395-6
DOI :
10.1109/CCGrid.2011.35
