Cloud Computing is the technology of using central remote servers to maintain data and applications, and allows companies to use those shared resources without any care about installing or maintaining those resources. The main concern with this remote processing is the leak of data confidentially.
This report summarizes the design of a trusted cloud computing platform (TCCP) for addressing this concern.
Introduction
To address the security leak in cloud computing environment, you can think why we do not just use data encryption, and the answer is that unfortunately the risk here is not in storing the data encrypted, but in the data processing as any processing is done to the clear data; which means that remote system admin who has privilege, and access to the physical environment can develop sophisticated attacks like cold boot attack and get access to this data.
Background
Cloud service providers offer services at various layers in software stack. At lower layer, Infrastructure as a Service (IaaS) providers are giving their customers access to the entire virtual machine (VM). At higher layers, Software as a Service (SaaS) systems like Google Docs software. This report is talking about securing IaaS implementations as it is more manageable.
IaaS implementation consists of a set of nodes inside a cluster; each of them runs a virtual machine monitor (VMM) to host customer virtual machines, and all are managed by a cloud manager (CM).
The trusted computing group proposed the standard for the design of Trusted Platform Module (TPM) chip offering security based on asymmetric encryption, where each party sends a message encrypted by its private key to authenticate itself.
Till now we are waiting the TCCP to address the risk of physical access of privilege users.
Trusted Cloud Computing Platform
The goal for this platform is to make computations of VMs confidential, and allow the consumers to verify this.
To do this a trusted virtual