
Trusted Platform Module as Security Enabler for Cloud Infrastructure as a Service (IaaS)

Gregory T. Hoffer, CS7323 – Research Seminar (Dr. Qi Tian)


Presentation Transcript


  1. Trusted Platform Module as Security Enabler for Cloud Infrastructure as a Service (IaaS). Gregory T. Hoffer CS7323 – Research Seminar (Dr. Qi Tian)

  2. Overview • Problem Statement • TPM • Proposal • Discussion • Conclusion • References

  3. Problem Statement

  4. Trusted Platform Module (Image From [1])

  5. (Image From [1])

  6. Security Features provided by TPM
     • 1) Access Control: Access to sensitive data and execution of some commands are subject to permission. This is the case for access to cryptographic keys and PCRs and for execution of key generation.
     • 2) Attestation: Attestation provided by an entity is proof that the entity knows specific data. It is usually associated with a digital signature. TCG uses this functionality to prove to a remote entity (e.g. a service provider) that a platform wishing to access the service meets specific integrity requirements. The attestation may relate to hardware or software integrity.
     • 3) Measurements, Logging and Reporting: Measurement is the process of computing a state indicator of hardware and/or software. For software code it may be a hash. If the measurement is reliable, it gives information on the integrity of the measured entity. The measuring entity must be trusted in order to obtain reliable measurements. TCG defines a module called the CRTM (Core Root of Trust for Measurement), which is assumed to be trusted. It is executed when the platform is powered on.
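
Added example, not part of the original slides: a Python sketch of how the measurement, logging and attestation features on slide 6 fit together, using the standard TPM extend operation (new PCR = hash of old PCR concatenated with the measurement). The component names, key and nonce are constructed, and an HMAC stands in for the attestation-key signature a real TPM would produce.

```python
import hashlib
import hmac

def extend(pcr, measurement):
    """TPM extend: new PCR = SHA-256(old PCR || measurement digest)."""
    return hashlib.sha256(pcr + measurement).digest()

def measure_boot(components):
    """Hash each component in boot order; return the final PCR and the event log."""
    pcr, log = bytes(32), []          # PCR starts at all zeroes on power-on
    for name, code in components:
        digest = hashlib.sha256(code).digest()
        log.append((name, digest))
        pcr = extend(pcr, digest)
    return pcr, log

def quote(key, nonce, pcr):
    """Stand-in for a TPM quote (assumption: HMAC replaces the real signature)."""
    return hmac.new(key, nonce + pcr, hashlib.sha256).digest()

def verify(key, nonce, pcr, sig, log, known_good):
    """Remote verifier: check the quote, replay the log, compare to known-good hashes."""
    if not hmac.compare_digest(sig, quote(key, nonce, pcr)):
        return False, "bad signature"
    replay = bytes(32)
    for _, digest in log:
        replay = extend(replay, digest)
    if replay != pcr:
        return False, "log does not match PCR"
    for name, digest in log:
        if known_good.get(name) != digest:
            return False, f"unexpected measurement: {name}"
    return True, "ok"

# Constructed sample boot chain and key (illustrative values only).
CHAIN = [("bios", b"bios-v1"), ("bootloader", b"loader-v1"), ("hypervisor", b"hv-v1")]
KEY = b"demo-attestation-key"

def demo():
    known_good = {n: hashlib.sha256(c).digest() for n, c in CHAIN}
    nonce = b"verifier-nonce-01"      # fresh per request, prevents replayed quotes
    pcr, log = measure_boot(CHAIN)
    good = verify(KEY, nonce, pcr, quote(KEY, nonce, pcr), log, known_good)
    tampered = CHAIN[:2] + [("hypervisor", b"hv-v1-modified")]
    pcr2, log2 = measure_boot(tampered)
    bad = verify(KEY, nonce, pcr2, quote(KEY, nonce, pcr2), log2, known_good)
    # Presenting the clean log alongside the tampered platform's PCR fails the replay.
    forged = verify(KEY, nonce, pcr2, quote(KEY, nonce, pcr2), log, known_good)
    return good, bad, forged
```

Because each PCR value depends on every earlier measurement, a changed component cannot be hidden by editing the log alone; the replayed value no longer matches the quoted PCR.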

  7. Project Proposal • Virtualize TPM • Provide Cloud Customer with assurance or trust that state and configuration of physical platform.

  8. Conclusion

  9. Questions and Discussion • Any questions or comments?

  10. References
     [1] M. Achemlal, S. Gharout, C. Gaber. 2011. Trusted Platform Module as an Enabler for Security in Cloud Computing. In Network and Information Systems Security (SAR-SSI), La Rochelle, FR. May 18-21, 2011.
     [2] R. Neise, D. Holling, A. Pretschner. 2011. Implementing Trust in Cloud Infrastructures. In 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGrid 2011, Newport Beach, CA. May 23-26, 2011.
     [3] B. Berthelon, S. Varette, P. Bouvry. 2011. CertiCloud: a Novel TPM-based Approach to Ensure Cloud IaaS Security. In 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGrid 2011, Newport Beach, CA. May 23-26, 2011.
