Cloud computing is being rapidly adopted across all walks of life and is the direction in which IT is developing. However, with cloud computing, customers must store their data or deploy their applications in the cloud. These resources may be damaged not only by other malicious users but also by a malicious cloud administrator, which aggravates the trustworthiness problem of cloud services and hinders the development and widespread adoption of cloud computing.

First, this paper studies the new features of the cloud trust problem and builds a novel threat model for IaaS. We then discuss and analyze existing research, at home and abroad, on protecting or auditing the trust of the cloud. After comparing the advantages and disadvantages of this research and considering the feasibility of the schemes, we introduce Trusted Computing technology to design a novel mechanism for building the trust chain of a platform. A module embedded in the platform collects evidence and builds a complete static chain-of-trust. We then design five remote attestation protocols that use a TTP to audit and verify the chain-of-trust. These five protocols cover the whole lifecycle of servers and virtual machines and guarantee that the platform's trustworthiness is verified in real time. Finally, we integrate these mechanisms into Eucalyptus and implement a prototype system, named the trusted IaaS cloud. The experiments demonstrate that the mechanisms add little extra performance cost while guaranteeing trustworthiness.

In addition, to assess quantitatively the mechanisms that build and verify the chain-of-trust, we propose a novel method that quantifies and assesses the validity of trust models by calculating the attack damage reduced and the performance cost introduced by the trust mechanism. Then, for the periodic verification mechanism, we propose a best-detection-cycle prediction mechanism to solve the problem of how to select the best detection cycle. Finally, we test and verify the effectiveness of the method by modeling mal-events, simulating how the trust mechanisms deal with mal-event sequences, and quantifying the damage caused by the mal-events, the damage reduced, and the performance cost of the trust mechanisms.