Trusted Cloud Computing Platform Model: Study And Improvement

Data security and privacy preserving in cloud are widely believed to be two prime fields during the rapid expansion of cloud computing. However, by far, there are no effective methods for users to verify the confidentiality and integrity of the data that they upload to the cloud. Hence,a trust issue between Cloud Service Provider (CSP) and users comes up, and it's becoming one of the biggest barriers to cloud computing development.Introducing trust computing technology is a possible solution dealing with the trust issue. A Trusted Cloud Computing Platform (TCCP) model based on Infrastructure-As-A-Service (IaaS) is proposed in 2009. In that paper there is a Trusted Coordinator (TC) in External Trusted Entity (ETE) which verifies active servers containing Trusted Platform Module (TPM) and maintains a list of trusted nodes (TNs, active normally running servers containing TPM). The backend of TN runs a Trusted Virtual Machine Monitor (TVMM) to prevent hackers and insiders from inspecting or modifying the memory of user's Virtual Machine (VM). However the model relies on trusted third party too much, and that makes it becoming a bottleneck, hence the TCCP model is of no practical use. In this paper the limitation of the original TCCP model is studied intensively, and an improved TCCP model based on Direct Anonymous Attestation (DAA) and Privacy Certification Authority (Privacy CA) scheme is proposed to solve the over-dependence on the trusted third party issue.In this papaer based on the neutral feature of TPM we introduce DAA and Privacy CA scheme to deSign a protocol that lets a part of TNs become Privacy CAs (tiny internal trusted third parties) which would take part responsibility of managing and verifying TNs. In a Zone of cloud there is a number of Privacy CAs, and each of them has its own trusted management area, the quarantine measure applied here is used to prevent further losses if one trusted management area is damaged or hacked. And these trusted management areas are connected by an Internal Trusted Coordinator (ITC) which is elected by Privacy CAs. In case of the election result gets manipulated, a Secure Multi-Party Computation (SMC) algorithm is applied here. Privacy CAs and ITC would take the whole responsibility of managing TNs, and get involved in the creation and live migration of VMs. The aporia in this paper is how to provide the same level of security and privacy preserving while modifying the original TCCP model to make it more available and reliable. In the original TCCP model, the concept of virtual trusted platform is directly introduced from the virtualization of trusted platform, and the issue whether it's suitable for cloud computing platform is not disscussed. In this paper the architecture of virtual trusted platforms is studied, and modified based on the needs of our TCCP model.The architecture of cloud computing platform here is based on an open source Eucalyptus, the architecture of virtual trusted platform is based on vTPM, and TPM must reach TPM 1.2 specification (DAA scheme can only be applied in TPM 1.2 specification).The TCCP model is supported by the dedicated safety hardware TPM, hence it's one of the best models dealing with the security and privacy preserving issue in cloud, especially the theory researches and application practices of trusted computing technoligy are quite mature now. Therefore the deSign of TCCP model has very high reference value; the consideration of improving the original TCCP model in this paper might provide ideas for deSigning an actual TCCP to clear trust issue barrier in future.