Wenjuan Li,Lingdi Ping,Xuezeng Pan

DOI: https://doi.org/10.1109/iceie.2010.5559829

2010-01-01

Abstract:Security and interoperability is the biggest challenge to promote cloud computing currently. Trust has proved to be one of the most important and effective alternative means to construct security in distributed systems. In order to efficiently and safely construct entities' trust relationship in cloud and cross-clouds environment, this paper proposed a novel cloud trust model and a new cloud security framework. The propose trust model is domain-based. It divides one cloud provider's resource nodes into the same trust domain. It designs different trust strategies for different roles. Trust recommendation is treated as one type of cloud services just like computation or storage. Based on the proposed trust model, it introduced a novel cloud security framework with an independent trust management module. Using the proposed security model, it introduced some trust-based security mechanisms. Results of simulation experiments show that the proposed security model can achieve high transaction success rate with high trust accuracy.

Wenjuan Li,Lingdi Ping

DOI: https://doi.org/10.1007/978-3-642-10665-1_7

2009-01-01

Abstract:Trust is one of the most important means to improve security and enable interoperability of current heterogeneous independent cloud platforms. This paper first analyzed several trust models used in large and distributed environment and then introduced a novel cloud trust model to solve security issues in cross-clouds environment in which cloud customer can choose different providers' services and resources in heterogeneous domains can cooperate. The model is domain-based. It divides one cloud provider's resource nodes into the same domain and sets trust agent. It distinguishes two different roles cloud customer and cloud server and designs different strategies for them. In our model, trust recommendation is treated as one type of cloud services just like computation or storage. The model achieves both identity authentication and behavior authentication. The results of emulation experiments show that the proposed model can efficiently and safely construct trust relationship in cross-clouds environment.

Xiaofei Zhang,Hui Liu,Bin Li,Xing Wang,Haiqiang Chen,Shizhong Wu

DOI: https://doi.org/10.1109/cloudcom.2010.86

2010-11-01

Abstract:The emergence and application of cloud computing can help users access to various computing resources and services more conveniently. However, it also brings forth many security challenges. This paper proposes the application oriented remote verification trust model, which is capable of adjusting the user's trust authorization verification contents according to the specific security requirements of different applications. The model also dynamically adjusts the users' trust value with the trust feedback mechanism to determine whether or not the requested resource or service should be provided, so as to guarantee the security of information resources. This paper provides a formal description of the basic components and trust properties of the model with a belief formula, and describes the framework for the implementation of the model.

Qi XIE,XiuYuan YU,WenHao LIU,DeRen CHEN,GuiLin WANG,JiYi WU

DOI: https://doi.org/10.1360/112011-915

2012-01-01

Scientia Sinica Informationis

Abstract:Mutual authentication between the user and the public cloud is essential requirement for the user to access the public cloud in cloud computing. In 2011, Juang et al. proposed a first authentication scheme based on proxy signature. The advantage of the scheme is that the user only needs to register on his home service cloud (HSC), and can pass through the authentication of the public cloud with the help of his HSC. However, their scheme has three weaknesses: 1) the users HSC needs to update the users public key in each session to protect the users privacy; 2) HSC may suffer from network jam when many users in the same HSC need to register on different public clouds simultaneously; and 3) a secret key should be shared between HSC and visiting cloud. To overcome these weaknesses, a provably secure convertible proxy signcryption for privacy preserving is proposed. Based on this scheme, a novel one-round authentication protocol is proposed, which the user only needs to register on his HSC, and can pass through the authentication of the visiting cloud without the help of his HSC. On the other hand, the proposed protocol can provide some nice properties, such as user privacy protection, non-repudiation, without updating the users public key, and secret key does not have to be shared between HSC and visiting cloud. In addition, the proposed scheme is provably secure in the random oracle model, and is more efficient than Juang et al.s scheme.

Yongzhi Wang,Yulong Shen,Xiaohong Jiang

DOI: https://doi.org/10.1109/tifs.2017.2787993

IF: 7.231

2018-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Public cloud vendors have been offering a variety of big data computing services on their clouds. However, runtime integrity is one of the major security concerns that hinder the wide adoption of those services. In this paper, we focus on MapReduce, a popular big data computing framework, and propose the runtime integrity audition (RIA), a solution that remotely verifies the runtime integrity of MapReduce applications. RIA records the runtime variable values of the MapReduce application on the public cloud and checks those values against the application’s code on the private cloud. By doing so, RIA protects the runtime integrity of MapReduce applications. Based on the idea of RIA, we developed a prototype system, called MR Auditor, and tested its applicability and performance with several Hadoop applications. Our experimental results showed that MR Auditor is a general tool that can efficiently audit the runtime integrity of all the MapReduce applications that we tested. In addition, MR Auditor incurs a moderate performance overhead. For example, when verifying the Word Count application, a proper parameter setting of MR Auditor incurs 1% of extra execution time on the public cloud and 14% of extra execution time on the private cloud.

Tong Li,Yang Lin,Xueyuan Kong,Yue Yu,Fajiang Yu

2011-01-01

Abstract:Current technology in trusted computing cannot comply with the requirement of trusted behaviour. One method for trusted computing dynamic attestation is proposed in this paper. This method uses a behaviour model based on the static analysis of binary code. One same source code may have several different binary versions, therefore one method is proposed for building almost the same core function model for different binary versions. This research also overcame the difficulty where some dynamic behaviours could not be obtained by static analysis. The paper also provides solutions for dynamic attestation of some complex programs, such as recursion, library link and multi threads programs.

Anna Galanou,Khushboo Bindlish,Luca Preibsch,Yvonne-Anne Pignolet,Christof Fetzer,Rüdiger Kapitza

2024-02-23

Abstract:Confidential computing alleviates the concerns of distrustful customers by removing the cloud provider from their trusted computing base and resolves their disincentive to migrate their workloads to the cloud. This is facilitated by new hardware extensions, like AMD's SEV Secure Nested Paging (SEV-SNP), which can run a whole virtual machine with confidentiality and integrity protection against a potentially malicious hypervisor owned by an untrusted cloud provider. However, the assurance of such protection to either the service providers deploying sensitive workloads or the end-users passing sensitive data to services requires sending proof to the interested parties. Service providers can retrieve such proof by performing remote attestation while end-users have typically no means to acquire this proof or validate its correctness and therefore have to rely on the trustworthiness of the service providers. In this paper, we present Revelio, an approach that features two main contributions: i) it allows confidential virtual machine (VM)-based workloads to be designed and deployed in a way that disallows any tampering even by the service providers and ii) it empowers users to easily validate their integrity. In particular, we focus on web-facing workloads, protect them leveraging SEV-SNP, and enable end-users to remotely attest them seamlessly each time a new web session is established. To highlight the benefits of Revelio, we discuss how a standalone stateful VM that hosts an open-source collaboration office suite can be secured and present a replicated protocol proxy that enables commodity users to securely access the Internet Computer, a decentralized blockchain infrastructure.

Cryptography and Security,Distributed; Parallel; and Cluster Computing

Junning Fu,Chaokun Wang,Zhiwei Yu,Jianmin Wang,Jia-Guang Sun

DOI: https://doi.org/10.1109/chinagrid.2010.15

2010-01-01

Abstract:A software cloud is ready-made for software delivery or Software as a Service (SaaS). As it becomes more and more popular, security problems of software running in the cloud also become an important issue. The threats, such as destroying system softwares and access violation, are frequently emerging in the field of software cloud. In this paper, we propose a watermark-aware trusted running environment to protect the softwares running in the cloud. We implement the scheme which mainly contains two parts: 1) embedding watermark into the Java programs running in the cloud; 2) generating customized JVMs for recognizing the watermarked programs. Experimental results within a real private software cloud to demonstrate that our approach can provide a large-scale protection with a small overhead.

WU Xu,XU Jin,LI Chun-wen,LIU Chuan-yi

DOI: https://doi.org/10.13190/j.jbupt.2014.05.018

2014-01-01

Abstract:In cloud computing, the data and computation migration gives rise to trust problems between the user and the cloud. Including the hardware platform, the multiple dimensions method was studied, as well as the user identity and behavior. The electronic identity ( eID)-based virtual machine trusted attes-tation system in infrastructure-as-a-service ( IaaS) cloud was designed. The hardware platform was used for trust third party architecture. The citizen's network eID was used as users' unique authoritative identi-ty. The credit records were also applied to evaluate the user' s behaviors. Four steps were adopted to solve the trust problem between two sides, including trusted attestation of the user identification and trus-ted attestation of the virtual machine. Experiment analysis shows that this system can defend common at-tacks, it is more safety, and the time complexity is within acceptable limitations.

Zhenyu Zhao,Qingni Shen,Wu Luo,Anbang Ruan

DOI: https://doi.org/10.1007/978-3-030-41579-2_34

2020-01-01

Abstract:The security of cloud infrastructure is an important issue. Many solutions have been proposed to protect the integrity of cloud infrastructure through integrating Trusted Computing hardware. However, these existing solutions suffer from high complexity, repetition and latency. In this paper, we propose a blockchain based cloud service dependency attestation framework-CloudCoT (Cloud Chain-of-Trust). With CloudCoT which combines trusted computing and blockchain technology, cloud users are able to automatically extract the valid dependency of their applications deployed on cloud. And they can attest the valid dependency with low latency through its measurement mechanism and verification mechanism. In addition to the decentralized features, we can see that CloudCoT has higher efficiency while maintaining strong safety in experimental evaluation.

Hussain Al-Aqrabi,Richard Hill

DOI: https://doi.org/10.48550/arXiv.1901.03051

2019-01-10

Abstract:Business analytics processes are often composed from orchestrated, collaborating services, which are consumed by users from multiple cloud systems (in different security realms), which need to be engaged dynamically at runtime. If heterogeneous cloud systems located in different security realms do not have direct authentication relationships, then it is a considerable technical challenge to enable secure collaboration. In order to address this security challenge, a new authentication framework is required to establish trust amongst business analytics service instances and users by distributing a common session secret to all participants of a session. We address this challenge by designing and implementing a secure multiparty authentication framework for dynamic interaction, for the scenario where members of different security realms express a need to access orchestrated services. This novel framework exploits the relationship of trust between session members in different security realms, to enable a user to obtain security credentials that access cloud resources in a remote realm. The mechanism assists cloud session users to authenticate their session membership, thereby improving the performance of authentication processes within multiparty sessions. We see applicability of this framework beyond multiple cloud infrastructure, to that of any scenario where multiple security realms has the potential to exist, such as the emerging Internet of Things (IoT).

Cryptography and Security

Wu Luo,Wei Liu,Yang Luo,Anbang Ruan,Qingni Shen,Zhonghai Wu

DOI: https://doi.org/10.1109/trustcom.2016.0058

2016-01-01

Abstract:In recent years, the rapid development of virtualization and container technology brings unprecedented impact on traditional IT architecture. Trusted Computing devotes to provide a solution to protect the integrity of the target platform and introduces a virtual TPM to adapt to the challenges that virtualization brings. However, the traditional integrity measurement solution and remote attestation has limitations due to the challenges such as large of measurement and attestation cost and overexposure of configurations details. In this paper, we propose the Partial Attestation Model. The basic idea of Partial Attestation Model is to reconstruct the Chain of Trust by dividing them into several separated ones. Our model therefore enables the challenger to attest the specified security requirements of the target platform, instead of acquiring and verifying the complete detailed configurations. By ignoring components not related to the target requirements, our model reduces the attestation costs. In addition, we further implement an attestation protocol to prevent overexposure of the target platform's configuration details. We build a use case to illustrate the implementation of our model, and the evaluations on our prototype show that our model achieves better efficiency than the existing remote attestation scheme.

Peiyun Zhang,Mengchu Zhou,Yang Kong

DOI: https://doi.org/10.1109/tsmc.2019.2906310

2021-03-01

IEEE Transactions on Systems, Man, and Cybernetics: Systems

Abstract:In the last ten years, cloud services provided many applications in various areas. Most of them are hosted in a heterogeneous distributed large-scale cloud computing environment and face inherent uncertainty, unreliability, and malicious attacks that trouble both service users and providers. To solve the problems of malicious attacks (including solo and collusion deception ones) in a public cloud computing environment, we for the first time propose a double-blind anonymous evaluation-based trust model. Based on it, cloud service providers and users are anonymously matched according to user requirements. It can be used to effectively handle some malicious attacks that intend to distort trust evaluations. Providers may secretly hide gain-sharing information into service results and send the results to users to ask for higher trust evaluations than their deserved ones. This paper proposes to adopt checking nodes to help detect such behavior. It then conducts gain–loss analysis for providers who intend to perform provider–user collusion deception. The proposed trust model can be used to effectively help one recognize collusion deception behavior and allow policy-makers to set suitable loss to punish malicious providers. Consequently, provider-initiated collusion deception behavior can be greatly discouraged in public cloud computing systems. Simulation results show that the proposed method outperform two updated methods, i.e., one based on fail-stop signature and another based on fuzzy mathematics in terms of malicious node detection ratio and speed.

English Else

Qian Wang,Cong Wang,Kui Ren,Wenjing Lou,Jin Li

DOI: https://doi.org/10.1109/tpds.2010.183

IF: 5.3

2010-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Cloud Computing has been envisioned as the next-generation architecture of IT Enterprise. It moves the application software and databases to the centralized large data centers, where the management of the data and services may not be fully trustworthy. This unique paradigm brings about many new security challenges, which have not been well understood. This work studies the problem of ensuring the integrity of data storage in Cloud Computing. In particular, we consider the task of allowing a third party auditor (TPA), on behalf of the cloud client, to verify the integrity of the dynamic data stored in the cloud. The introduction of TPA eliminates the involvement of the client through the auditing of whether his data stored in the cloud are indeed intact, which can be important in achieving economies of scale for Cloud Computing. The support for data dynamics via the most general forms of data operation, such as block modification, insertion, and deletion, is also a significant step toward practicality, since services in Cloud Computing are not limited to archive or backup data only. While prior works on ensuring remote data integrity often lacks the support of either public auditability or dynamic data operations, this paper achieves both. We first identify the difficulties and potential security problems of direct extensions with fully dynamic data updates from prior works and then show how to construct an elegant verification scheme for the seamless integration of these two salient features in our protocol design. In particular, to achieve efficient data dynamics, we improve the existing proof of storage models by manipulating the classic Merkle Hash Tree construction for block tag authentication. To support efficient handling of multiple auditing tasks, we further explore the technique of bilinear aggregate signature to extend our main result into a multiuser setting, where TPA can perform multiple auditing tasks simultaneously. Extensive security and performance analysis show that the proposed schemes are highly efficient and provably secure.

Yutao Tang,Zhengrui Qin,Zhiqiang Lin,Yue Li,Shanhe Yi,Fengyuan Xu,Qun Li

DOI: https://doi.org/10.1109/tc.2022.3152074

IF: 3.183

2022-01-01

IEEE Transactions on Computers

Abstract:Increasingly, many security and privacy-sensitive applications are running on mobile platforms. However, as mobile operating systems are becoming increasingly sophisticated, they are vulnerable to various attacks. In addressing the need of running high assurance mobile apps in a secure environment even though the operating systems are untrusted, this paper presents vTrust, a new mobile app trusted execution environment, which offloads the general execution and storage of a mobile app to a trusted remote server (e.g., a VM running in a cloud) and secures the I/O between the server and the mobile device with the aid of a trusted hypervisor on the mobile device. Specifically, vTrust establishes an encrypted I/O channel between the local hypervisor and the remote server. In this way, any sensitive data flowing through the mobile OS, which the hypervisor hosts, is encrypted from the perspective of the local mobile OS. To enhance the performance of vTrust, we have also designed multiple optimizations, such as output data compression and selective sensor data transmission. We have implemented vTrust, and our evaluation shows that it has limited impact on both user experience and the application performance.

engineering, electrical & electronic,computer science, hardware & architecture

Liang Gu,Xuhua Ding,Robert Huijie Deng,Bing Xie,Hong Mei

DOI: https://doi.org/10.1145/1456455.1456458

2008-01-01

Abstract:Remote attestation provides the basis for one platform to establish trusts on another. In this paper, we consider the problem of attesting the correctness of program executions. We propose to measure the target program and all the objects it depends on, with an assumption that the Secure Kernel and the Trusted Platform Module provide a secure execution environment through process separation. The attestation of the target program begins with a program analysis on the source code or the binary code in order to find out the relevant executables and data objects. Whenever such a data object is accessed or a relevant executable is invoked due to the execution of the target program, its state is measured for attestation. Our scheme not only testifies to a program's execution, but also supports fine-granularity attestations and information flow checking.

SUN Jingjing,CAI Mian,ZHAO Yang

DOI: https://doi.org/10.3969/j.issn.1671-0428.2012.04.006

2012-01-01

Abstract:With the community'recognition for cloud computing,its security can't be ignored.Based on user facing data security and privacy issue,this paper gives Based-on trusted computing cloud user security model.this model bases on trusted computing technology,in addition to the traditional security policy,proposed the establishment of private virtual machines,to provide user with the operation of a private space,to prevent other malicious users or administrators to access the virtual machine;and gives a anonymous method of user information,when the user applys services and change services to ensure the privacy of user information,to prevent service providers malicious use and disclose user information,to provides a safe environment for user.

Shantanu Pal,Sunirmal Khatua,Nabendu Chaki,Sugata Sanyal

DOI: https://doi.org/10.48550/arXiv.1108.4100

2011-08-20

Cryptography and Security

Abstract:In order to determine the user's trust is a growing concern for ensuring privacy and security in a cloud computing environment. In cloud, user's data is stored in one or more remote server(s) which poses more security challenges for the system. One of the most important concerns is to protect user's sensitive information from other users and hackers that may cause data leakage in cloud storage. Having this security challenge in mind, this paper focuses on the development of a more secure cloud environment, to determine the trust of the service requesting authorities by using a novel VM (Virtual Machine) monitoring system. Moreover, this research aims towards proposing a new trusted and collaborative agent-based two-tier framework, titled WAY (Who Are You?), to protect cloud resources. The framework can be used to provide security in network, infrastructure, as well as data storage in a heterogeneous cloud platform. If the trust updating policy is based on network activities, then the framework can provide network security. Similarly, it provides storage security by monitoring unauthorized access activities by the Cloud Service Users (CSU). Infrastructure security can be provided by monitoring the use of privileged instructions within the isolated VMs. The uniqueness of the proposed security solution lies in the fact that it ensures security and privacy both at the service provider level as well as at the user level in a cloud environment.

Wojciech Ozga,Patricia Sagmeister,Tamás Visegrády,Silvio Dragone

2023-04-02

Abstract:Existing attestation mechanisms lack scalability and support for heterogeneous virtual execution environments (VEEs), such as virtual machines and containers executed inside or outside hardware isolation on different vendors' hardware in clouds managed by various organizations. To overcome these limitations, hardware vendors and cloud providers implement proprietary mechanisms (Intel DCAP, Amazon NitroTPM, Google Titan) to support their offerings. However, due to their plurality, the attestation becomes cumbersome because it increases maintenance and integration costs and reduces portability required in hybrid- and multi-cloud deployments. We introduce WAWEL, a framework that enables scalable attestation of heterogeneous VEEs. WAWEL can be plugged into existing hardware-specific attestation mechanisms, offering a unified interface. WAWEL supports the widely adopted trusted platform module (TPM) attestation standard. We implemented a prototype and integrated it with three different VEEs. It supports runtime integrity attestation with Linux integrity measurement architecture (IMA) and legacy applications requiring zero-code changes. The evaluation demonstrated that the WAWEL prototype achieves very good performance and scalability despite the indirections between the VEE and hardware root of trust.

Cryptography and Security

Mingxing Zhou,Peng Xiao,Qixu Wang,Shuhua Ruan,Xingshu Chen,Menglong Yang

DOI: https://doi.org/10.32604/cmes.2023.028612

2024-01-01

Computer Modeling in Engineering & Sciences

Abstract:Due to the need for massive device connectivity, low communication latency, and various customizations in 6G architecture, a distributed cloud deployment approach will be more relevant to the space-air-ground-sea integrated network scenario. However, the openness and heterogeneity of the 6G network cause the problems of network security. To improve the trustworthiness of 6G networks, we propose a trusted computing-based approach for establishing trust relationships in multi-cloud scenarios. The proposed method shows the relationship of trust based on dual-level verification. It separates the trustworthy states of multiple complex cloud units in 6G architecture into the state within and between cloud units. Firstly, SM3 algorithm establishes the chain of trust for the system’s trusted boot phase. Then, the remote attestation server (RAS) of distributed cloud units verifies the physical servers. Meanwhile, the physical servers use a ring approach to verify the cloud servers. Eventually, the centralized RAS takes one-time authentication to the critical evidence information of distributed cloud unit servers. Simultaneously, the centralized RAS also verifies the evidence of distributed RAS. We establish our proposed approach in a natural OpenStack-based cloud environment. The simulation results show that the proposed method achieves higher security with less than a 1% system performance loss.

engineering, multidisciplinary,mathematics, interdisciplinary applications