A trusted computing environment model in cloud architecture

The main difference between cloud computing and traditional enterprise internal IT services is that the owner and the user of cloud IT infrastructures are separated in cloud. This change requires a security duty separation in cloud computing. Cloud service providers (CSP) should secure the services they offer and cannot exceed the customers´ authorities. Currently, no traditional information security products can meet this requirement. A multi-tenancy trusted computing environment model (MTCEM) is designed for IaaS delivery model, and its purpose is to assure a trusted cloud infrastructure to customers. MTCEM presents a dual level transitive trust mechanism and supports a security duty separation function simultaneously. With MTCEM, CSP and customers can cooperate to build and maintain a trusted cloud computing environment. MTCEM can be used to improve customers´ confidence on cloud computing. The prototype of MTCEM shows that it has low impact on system performance and it is technically and practically feasible.