Trusted Platform Module as Security Enabler for Cloud Infrastructure as a Service (IaaS)
Gregory T. Hoffer
CS7323 – Research Seminar (Dr. Qi Tian)
Overview
• Problem Statement
• TPM
• Proposal
• Discussion
• Conclusion
• References
Trusted Platform Module (Image From [1])
Security Features provided by TPM
• 1) Access Control: Access to sensitive data and execution of some commands are subject to permission. This applies to access to cryptographic keys and PCRs, and to the execution of key generation.
• 2) Attestation: An attestation provided by an entity is proof that the entity knows specific data. It is usually associated with a digital signature. TCG uses this functionality to prove to a remote entity (e.g. a service provider) that a platform wishing to access the service meets specific integrity requirements. The attestation may relate to hardware or software integrity.
• 3) Measurements, Logging and Reporting: Measurement is the process of computing a state indicator of hardware and/or software; for software code it may be a hash. If the measurement is reliable, it gives information on the integrity of the measured entity. The measuring entity must be trusted in order to obtain reliable measurements. TCG defines a module called CRTM (Core Root of Trust for Measurement), which is assumed to be trusted. It is executed when the platform is powered on.
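Added example (not from the original slides or the cited papers): how measurement, logging and reporting fit together. Each boot stage is hashed and folded into a PCR with the extend operation, and a verifier replays the measurement log against the reported PCR value and a list of known-good hashes. Assumptions: a SHA-256 PCR bank, an all-zero reset value, constructed component names and contents, and the signature check on the reported PCR is left out.

```python
import hashlib
import hmac

ALG = "sha256"  # assumption: SHA-256 PCR bank; TPM 1.2 PCRs use SHA-1

def measure(code: bytes) -> bytes:
    """Measurement of a component: a hash of its code."""
    return hashlib.new(ALG, code).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR extend: new = H(old || digest). A PCR cannot be set directly."""
    return hashlib.new(ALG, pcr + digest).digest()

def boot(components):
    """Platform side: measure each stage before running it, log it, extend the PCR."""
    pcr, log = bytes(hashlib.new(ALG).digest_size), []  # reset value assumed all zeros
    for name, code in components:
        digest = measure(code)
        log.append((name, digest))
        pcr = extend(pcr, digest)
    return log, pcr

def replay(log) -> bytes:
    """Verifier side: recompute the PCR value implied by the ordered log."""
    pcr = bytes(hashlib.new(ALG).digest_size)
    for _name, digest in log:
        pcr = extend(pcr, digest)
    return pcr

def verify(log, reported_pcr, known_good):
    """Return a list of problems; an empty list means the platform state is accepted."""
    problems = []
    if not hmac.compare_digest(replay(log), reported_pcr):
        problems.append("log does not reproduce reported PCR")
    for name, digest in log:
        if known_good.get(name) != digest:
            problems.append(f"unexpected measurement: {name}")
    return problems

# Constructed sample boot chain (names and contents are made up for the example).
GOOD_CHAIN = [("bootloader", b"loader v1"), ("hypervisor", b"hv v1"), ("vm-image", b"guest v1")]
KNOWN_GOOD = {name: measure(code) for name, code in GOOD_CHAIN}

if __name__ == "__main__":
    log, pcr = boot(GOOD_CHAIN)
    print(verify(log, pcr, KNOWN_GOOD))
    changed = [GOOD_CHAIN[0], ("hypervisor", b"hv v1 modified"), GOOD_CHAIN[2]]
    log, pcr = boot(changed)
    print(verify(log, pcr, KNOWN_GOOD))
```

Because the PCR only changes through extend, a log edited after the fact to show the expected hashes no longer reproduces the reported PCR value.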
Project Proposal
• Virtualize TPM
• Provide Cloud Customer with assurance or trust that state and configuration of physical platform.
Questions and Discussion
• Any questions or comments?
References
[1] M. Achemlal, S. Gharout, C. Gaber. 2011. Trusted Platform Module as an Enabler for Security in Cloud Computing. In Network and Information Systems Security (SAR-SSI), La Rochelle, FR. May 18-21, 2011.
[2] R. Neisse, D. Holling, A. Pretschner. 2011. Implementing Trust in Cloud Infrastructures. In 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGrid 2011, Newport Beach, CA. May 23-26, 2011.
[3] B. Bertholon, S. Varrette, P. Bouvry. 2011. CertiCloud: a Novel TPM-based Approach to Ensure Cloud IaaS Security. In 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGrid 2011, Newport Beach, CA. May 23-26, 2011.