SODA

Trusted Launch of Virtual Machine Instances in Public IaaS Environments

Paladi, Nicolae and Gehrmann, Christian and Aslam, Mudassar and Morenius, Fredric (2013) Trusted Launch of Virtual Machine Instances in Public IaaS Environments. Lecture Notes in Computer Science, 7839 . pp. 309-323.

This is the latest version of this item.

[img]
Preview
PDF
364Kb

Abstract

Cloud computing and Infrastructure-as-a-Service (IaaS) are emerging and promising technologies, however their adoption is hampered by data security concerns. At the same time, Trusted Computing (TC) is experiencing an increasing interest as a security mechanism for IaaS. In this paper we present a protocol to ensure the launch of a virtual machine (VM) instance on a trusted remote compute host. Relying on Trusted Platform Module operations such as binding and sealing to provide integrity guarantees for clients that require a trusted VM launch, we have designed a trusted launch protocol for VM instances in public IaaS environments. We also present a proof-of-concept implementation of the protocol based on OpenStack, an open-source IaaS platform. The results provide a basis for the use of TC mechanisms within IaaS platforms and pave the way for a wider applicability of TC to IaaS security.

Item Type:Article
Uncontrolled Keywords:IaaS, security, trusted computing, trusted virtual machine launch, OpenStack
ID Code:5467
Deposited By:Nicolae Paladi
Deposited On:13 Mar 2013 10:17
Last Modified:28 Apr 2015 17:31

Repository Staff Only: item control page