Abstract
In recent years, cloud computing has expanded rapidly and improved working efficiency for a number of cloud users. However, a few enterprises hesitate to move to the cloud because of the runtime security challenges of applications, even though cloud vendors promise to provide a trustworthy execution platform. In this paper, we propose the Trusted Cloud Root Broker to give robust trustworthiness guarantees to JVM-based applications. The broker, acting as the application root of trust, evaluates runtime trustworthiness and supports dynamic attestation of the integrity state of an application with the assistance of the Java virtual machine. It not only proves authenticity but also offers availability for the targeted applications. Moreover, our broker incurs little performance overhead.
Acknowledgments
The work is funded in part by the National Natural Science Foundation of China (No. 61303191). It is also supported by a grant from the National High Technology Research and Development Program of China (863 Program) (No. 2015AA016010).
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Ba, H., Zhou, H., Wang, Z., Ren, J., Hong, T., Li, Y. (2015). Application-Assisted Dynamic Attestation for JVM-Based Cloud. In: Wang, G., Zomaya, A., Martinez, G., Li, K. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2015. Lecture Notes in Computer Science, vol 9532. Springer, Cham. https://doi.org/10.1007/978-3-319-27161-3_63
DOI: https://doi.org/10.1007/978-3-319-27161-3_63
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-27160-6
Online ISBN: 978-3-319-27161-3
eBook Packages: Computer Science, Computer Science (R0)