Trust management for mobile computing platforms
Providing a trustworthy mobile computing platform is crucial for mobile communications, services and applications. In this dissertation, we study methodologies and mechanisms that can be used to provide a trustworthy mobile computing platform. We also present an autonomic trust management solution for a component software middleware platform targeting an embedded device, such as a mobile phone.
In the first part of the dissertation, we first review the literature background of trust modeling and trust management. We propose research methodologies on the basis of a conceptual architecture of a trusted mobile environment. Further, we present a methodology to bridge disjoint trusted domains in mobile computing and communications into a trustworthy system.
The second part of the dissertation contains a mechanism to sustain trust among computing platforms. The mechanism builds up a trust relationship based on the Root Trust (RT) module at a trustee platform and ensures trust sustainability according to pre-defined conditions. These conditions are approved at the time of trust establishment and enforced through the use of the pre-attested RT module until the intended purpose is fulfilled. Through applying this mechanism, we introduce a Trusted Collaboration Infrastructure (TCI) for peer-to-peer devices in order to establish trust collaboration among distributed peers. In addition, this mechanism contributes to a mobile Virtual Private Network (VPN) for trusted mobile enterprise networking.
The third part of the dissertation presents an autonomic trust management solution that can manage trust adaptively in a middleware component software platform. We develop a formal trust model to specify, evaluate, set up and ensure trust relationships that exist among system entities. We further present a trust management architecture that supports the implementation of the above model and adopts a number of algorithms for autonomic trust management at system runtime. In particular, special control modes can be applied to the platform to ensure trustworthiness. We develop a methodology for trust control mode prediction and selection on the basis of an adaptive trust control model in order to support autonomic trust management.
On Software Standards and Solutions for a Trusted Internet of Things
We discuss a high-level model for software applications and services that can support a minimal set of human-centric trust management capabilities. We outline the unique set of challenges we must address if we are to attain the level of trust that will be required for a robust deployment of an IoT. We discuss the role of standards and how we can maximize the effectiveness of standards and of device and service certification. We suggest a set of solutions for trust management that can support the unique security, safety, and privacy requirements of a robust IoT. Prominent among these solutions is the use of an older approach for access control, viz. the reference monitor, and blockchain technologies that can record trust and policy graphs and trust-related attributes for IoT devices and supporting services. An open, but governed trust blockchain can serve as a universal trusted oracle.
Remote attestation of SEV-SNP confidential VMs using e-vTPMs
Departing from the "your data is safe with us" model, in which the cloud infrastructure is trusted, cloud tenants are shifting towards a model in which the cloud provider is not part of the trust domain. Both silicon and cloud vendors are trying to address this shift by introducing confidential computing, an umbrella term for mechanisms that protect data in use through encryption below the hardware boundary of the CPU, e.g., Intel Software Guard Extensions (SGX), AMD Secure Encrypted Virtualization (SEV), Intel Trust Domain Extensions (TDX), etc.
In this work, we design and implement a virtual trusted platform module (vTPM) that virtualizes the hardware root of trust without requiring trust in the cloud provider. To ensure the security of a vTPM in a provider-controlled environment, we leverage the unique isolation properties of the SEV-SNP hardware and a novel approach to ephemeral TPM state management. Specifically, we develop a stateless ephemeral vTPM that supports remote attestation without persistent state. This allows us to pair each confidential VM with a private instance of a vTPM that is completely isolated from the provider-controlled environment and other VMs. We built our prototype entirely on open-source components: Qemu, Linux, and Keylime. Though our work is AMD-specific, a similar approach could be used to build a remote attestation protocol on other trusted execution environments (TEEs).
Comment: 12 pages, 4 figures
TCG based approach for secure management of virtualized platforms: state-of-the-art
There is a strong trend shift in favor of adopting virtualization to obtain business benefits. The provisioning of virtualized enterprise resources is one of many possible scenarios. While virtualization promises clear advantages, it also poses new security challenges that need to be addressed to gain stakeholders' confidence in the dynamics of the new environment. One important facet of these challenges is establishing 'Trust', which is a basic primitive for any viable business model. The Trusted Computing Group (TCG) offers technologies and mechanisms required to establish this trust in the target platforms. Moreover, TCG technologies enable protection of sensitive data at rest and in transit. This report explores the applicability of relevant TCG concepts to virtualize enterprise resources securely for provisioning, establish trust in the target platforms and securely manage these virtualized Trusted Platforms.
Deploying Virtual Machines on Shared Platforms
In this report, we describe mechanisms for secure deployment of virtual machines on shared platforms, looking into a telecommunication cloud use case, which is also presented in this report. The architecture we present focuses on the security requirements of the major stakeholders that are part of the scenario we present. This report comprehensively covers all major security aspects, including different security mechanisms and protocols, leveraging existing standards and the state of the art wherever applicable. In particular, our architecture uses TCG technologies for trust establishment in the deployment of operator virtual machines on shared resource platforms. We also propose a novel procedure for securely launching and cryptographically binding a virtual machine to a target platform, thereby protecting the operator virtual machine and its related credentials.
Trusted Computing and Secure Virtualization in Cloud Computing
Large-scale deployment and use of cloud computing in industry is accompanied, and at the same time hampered, by concerns regarding protection of data handled by cloud computing providers. One of the consequences of moving data processing and storage off company premises is that organizations have less control over their infrastructure. As a result, cloud service (CS) clients must trust that the CS provider is able to protect their data and infrastructure from both external and internal attacks. Currently, however, such trust can only rely on organizational processes declared by the CS provider and cannot be remotely verified and validated by an external party. Enabling the CS client to verify the integrity of the host where the virtual machine instance will run, as well as to ensure that the virtual machine image has not been tampered with, are some steps towards building trust in the CS provider. Having the tools to perform such verifications prior to the launch of the VM instance allows the CS clients to decide at runtime whether certain data should be stored, or calculations should be made, on the VM instance offered by the CS provider.
This thesis combines three components -- trusted computing, virtualization technology and cloud computing platforms -- to address issues of trust and security in public cloud computing environments. Of the three components, virtualization technology has had the longest evolution and is a cornerstone for the realization of cloud computing. Trusted computing is a recent industry initiative that aims to implement the root of trust in a hardware component, the trusted platform module. The initiative has been formalized in a set of specifications and is currently at version 1.2. Cloud computing platforms pool virtualized computing, storage and network resources in order to serve a large number of customers that use a multi-tenant multiplexing model to offer on-demand self-service over a broad network. Open source cloud computing platforms are, similar to trusted computing, a fairly recent technology in active development.
The issue of trust in public cloud environments is addressed by examining the state of the art within cloud computing security and subsequently addressing the issues of establishing trust in the launch of a generic virtual machine in a public cloud environment. As a result, the thesis proposes a trusted launch protocol that allows CS clients to verify and ensure the integrity of the VM instance at launch time, as well as the integrity of the host where the VM instance is launched. The protocol relies on the use of a Trusted Platform Module (TPM) for key generation and data protection. The TPM also plays an essential part in the integrity attestation of the VM instance host. Along with a theoretical, platform-agnostic protocol, the thesis also describes a detailed implementation design of the protocol using the OpenStack cloud computing platform.
In order to verify the implementability of the proposed protocol, a prototype implementation has been built using a distributed deployment of OpenStack. While the protocol covers only the trusted launch procedure using generic virtual machine images, it presents a step aimed to contribute towards the creation of a secure and trusted public cloud computing environment.
SGXIO: Generic Trusted I/O Path for Intel SGX
Application security traditionally relies strongly upon the security of the underlying operating system. However, operating systems often fall victim to software attacks, compromising the security of applications as well. To overcome this dependency, Intel introduced SGX, which allows application code to be protected against a subverted or malicious OS by running it in a hardware-protected enclave. However, SGX lacks support for generic trusted I/O paths to protect user input and output between enclaves and I/O devices.
This work presents SGXIO, a generic trusted path architecture for SGX, allowing user applications to run securely on top of an untrusted OS, while at the same time supporting trusted paths to generic I/O devices. To achieve this, SGXIO combines the benefits of SGX's easy programming model with traditional hypervisor-based trusted path architectures. Moreover, SGXIO can tweak insecure debug enclaves to behave like secure production enclaves. SGXIO surpasses traditional use cases in cloud computing and makes SGX technology usable for protecting user-centric, local applications against kernel-level keyloggers and the like. It is compatible with unmodified operating systems and works on a modern commodity notebook out of the box. Hence, SGXIO is particularly promising for the broad x86 community to which SGX is readily available.
Comment: To appear in CODASPY'1
A Performance Optimization Model towards OAuth 2.0 Adoption in the Enterprise
As Cloud software (Software-as-a-Service) becomes more and more ubiquitous, scale and performance expectations become an important factor impacting architectural decisions for security protocol adoption. WS-Trust [6] and WS-Federation [7] are enterprise-scale protocols but lacked wide adoption due to complexity. OAuth 1.0 emerged as an industry standard for unifying identity management for major SaaS players. However, OAuth 1.0 soon proved to fail performance criteria for enterprise adoption. With the introduction of OAuth 2.0, some of the performance concerns were addressed.
This paper proposes an optimization to OAuth 2.0 for enterprise adoption. This optimization is achieved by introducing manageability steps to pre-establish trust between the client and the protected resource server. In this model, the client needs to set up trust with the protected resource server as well as with the authorization server. These clients are called highly trusted clients. We believe such optimization makes it feasible to adopt OAuth in the enterprise, where scale and performance are critical factors.