AI Chat Paper
Note: Please note that the following content is generated by AMiner AI. SciOpen does not take any responsibility related to this content.
{{lang === 'zh_CN' ? '文章概述' : 'Summary'}}
{{lang === 'en_US' ? '中' : 'Eng'}}
Chat more with AI
PDF (2.3 MB)
Collect
Submit Manuscript AI Chat Paper
Show Outline
Outline
Show full outline
Hide outline
Outline
Show full outline
Hide outline
Open Access

Trusted Attestation Architecture on an Infrastructure-as-a-Service

Xin JinXingshu Chen( )Cheng ZhaoDandan Zhao
College of Computer Science, Sichuan University, Chengdu 610065, China.
Show Author Information

Abstract

Trusted attestation is the main obstruction preventing large-scale promotion of cloud computing. How to extend a trusted relationship from a single physical node to an Infrastructure-as-a-Service (IaaS) platform is a problem that must be solved. The IaaS platform provides the Virtual Machine (VM), and the Trusted VM, equipped with a virtual Trusted Platform Module (vTPM), is the foundation of the trusted IaaS platform. We propose a multi-dimensional trusted attestation architecture that can collect and verify trusted attestation information from the computing nodes, and manage the information centrally on a cloud management platform. The architecture verifies the IaaS’s trusted attestation by apprising the VM, Hypervisor, and host Operating System’s (OS) trusted status. The theory and the technology roadmap were introduced, and the key technologies were analyzed. The key technologies include dynamic measurement of the Hypervisor at the process level, the protection of vTPM instances, the reinforcement of Hypervisor security, and the verification of the IaaS trusted attestation. A prototype was deployed to verify the feasibility of the system. The advantages of the prototype system were compared with the Open CIT (Intel Cloud attestation solution). A performance analysis experiment was performed on computing nodes and the results show that the performance loss is within an acceptable range.

References

【1】
【1】
 
 
Tsinghua Science and Technology
Pages 469-478

{{item.num}}

Comments on this article

Go to comment

< Back to all reports

Review Status: {{reviewData.commendedNum}} Commended , {{reviewData.revisionRequiredNum}} Revision Required , {{reviewData.notCommendedNum}} Not Commended Under Peer Review

Review Comment

Close
Close
Cite this article:
Jin X, Chen X, Zhao C, et al. Trusted Attestation Architecture on an Infrastructure-as-a-Service. Tsinghua Science and Technology, 2017, 22(5): 469-478. https://doi.org/10.23919/TST.2017.8030536

1125

Views

71

Downloads

4

Crossref

N/A

Web of Science

6

Scopus

3

CSCD

Received: 01 October 2016
Accepted: 21 October 2016
Published: 11 September 2017
© The author(s) 2017