Dynamic Measurement Protocol in Infrastructure as a Service

Shuang Xiang; Bo Zhao; An Yang; Tao Wei

doi:10.1109/TST.2014.6919823

Tsinghua Science and Technology 2014, 19(5): 470-477 https://doi.org/10.1109/TST.2014.6919823

Open Access | Issue | Published: 13 October 2014

Dynamic Measurement Protocol in Infrastructure as a Service

Show Author's Information Hide Author's Information Shuang Xiang, Bo Zhao(

), An Yang, Tao Wei

School of Computer, Wuhan University, Wuhan 430072, China.

Keywords:

Burrow-Abadi-Needham (BAN) logic, real-time security, trusted dynamic measurement

Cite this article:

Xiang S, Zhao B, Yang A, et al. Dynamic Measurement Protocol in Infrastructure as a Service. Tsinghua Science and Technology, 2014, 19(5): 470-477. https://doi.org/10.1109/TST.2014.6919823

Download citation

EndNote(RIS)

BibTeX

451

Views

Downloads

Citations

Crossref

N/A

WoS

Scopus

CSCD

Abstract Full text About this article

Abstract

Infrastructure as a Service (IaaS) has brought advantages to users because virtualization technology hides the details of the physical resources, but this leads to the problem of users being unable to perceive their security. This defect has obstructed cloud computing from wide-spread popularity and development. To solve this problem, a dynamic measurement protocol in IaaS is presented in this paper. The protocol makes it possible for the user to get the real-time security status of the resources, thereby solving the problem of guaranteeing dynamic credibility. This changes the cloud service security provider from the operator to the users themselves. This study has verified the security of the protocol by means of Burrow-Abadi-Needham (BAN) logic, and the result shows that it can satisfy requirements for innovation, privacy, and integrity. Finally, based on different IaaS platforms, this study has conducted a performance analysis to demonstrate that this protocol is reliable, secure, and efficient.

Full text

Abstract

Full text

Outline

About this article

Dynamic Measurement Protocol in Infrastructure as a Service

Show Author's information Hide Author's Information Shuang Xiang, Bo Zhao(

), An Yang, Tao Wei

School of Computer, Wuhan University, Wuhan 430072, China.

Abstract

Keywords: Burrow-Abadi-Needham (BAN) logic, real-time security, trusted dynamic measurement

References(15)

[1]

NIST definition of cloud comp., http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf, 2012.

[2]

Amazon elastic compute cloud (EC2), http://aws.amazon.com/ec2/, 2006.

[3]

S. Nuno, G. Krishna, and R. Rodrigo, Towards trusted cloud computing, in Proc. the 2009 Conference on Hot Topics in Cloud Computing, 2009, pp. 22-27.

[4]

I. Khan, H. Rehman, and Z. Anwar, Design and deployment of a trusted eucalyptus cloud, in Proc. 2011 IEEE International Conference on Cloud Computing (CLOUD), 2011, pp. 380-387.

DOI

[5]

W. Cui, Y. Li, and X. Si, The protocol design of a eucalyptus-based infrastructure-as-a-service (IaaS) cloud framework, Journal of Electronics & Information Technology, vol. 34, no. 7, pp. 1748-1754, 2012.

DOI Google Scholar

[6]

B. Bertholon, S. Varrette, and P. Bouvry, CertiCloud: A novel TPM-based approach to ensure cloud IaaS security, in Proc. IEEE International Conference on Cloud Computing (CLOUD), 2011, pp. 121-130.

DOI

[7]

D. Daniel, W. Rich, G. Chris, G. Chris, O. Graziano, S. Sunil, Y. Lamia, and Z. Dmitrii, The eucalyptus opensource cloud-computing system, in Proc. 9th IEEE/ACM International Symposium on Cluster Computing and the Grid, 2009, pp. 124-131.

[8]

The OpenStack Community, OpenStack cloud software, http://www.openstack.org/, 2011.

[9]

The OpenNebula Project, OpenNebula: The open source toolkit for cloud computing, http://opennebula.org/, 2011.

[10]

M. Burrows, M. Abadi, and R. Needham, A logic of authentication, ACM Transactions in Computer System, vol. 8, no. 1, pp. 18-36, 1990.

DOI Google Scholar

[11]

S. S. Ahamad, V. N. Sastry, S. K. Udgata, Secure mobile payment framework based on UICC with formal verification, Int. J. of Computational Science and Engineering, vol. 9, no. 4, pp. 355-370, 2014.

DOI Google Scholar

[12]

TCG, TCG specification architecture overview, https://www.Trustedcomputinggroup.org, 2010.

[13]

Intel TXT, http://www.intel.com/content/www/us/en/data-security/security-overview-general-technology.html, 2007.

[14]

AMD SVM, http://www.anandtech.com/show/2480/9, 2007.

[15]

C. Wang, H. Leung, S. C. Cheung, and Yumin Wang, Use of cryptographic technologies for privacy protection of watermarks in internet retails of digital contents, Int. J. of High Performance Computing and Networking, vol. 3, no. 5/6, pp. 385-394, 2005.

DOI Google Scholar

About this article

Publication history

Acknowledgements

Rights and permissions

Publication history

Received: 15 July 2014

Revised: 21 July 2014

Accepted: 22 August 2014

Published: 13 October 2014

Issue date: October 2014

Copyright

Acknowledgements

This work was supported by the National Basic Research Program of China (No. 2014CB340600), the National Natural Science Foundation of China (Nos. 61332019, 61173138, 6127245, and 91118003), and the New Products and Technology Research and Development Projects of Hubei Province (No. 2012BAA03004).