Trusted System In Cloud Environment

2013 
Abstract- Cloud security has gained increasing emphasis in the research community, with much of the focus concentrated primarily on how to secure the operating system and virtual machines on which the cloud system runs. A trust management system will match the service providers and the customers based on the requirements and offerings. In this paper, we propose a new method to build a secure and trusted computing system for the cloud environment. Some important security services, including authentication, confidentiality and integrity, are provided in the cloud computing system.

Keywords -- Cloud Computing, IaaS, Trusted System, Trusted Computing Group, Computing platform.

I. Introduction

With the development of networking technology and the increasing need for computing resources, many companies have been prompted to outsource their storage and computing needs. This new economic computing model is commonly regarded as cloud computing [1]. Cloud computing provides a facility that enables large-scale controlled sharing and interoperation among resources that are dispersedly owned and managed [2]. The opportunities afforded by cloud computing are too attractive for consumers to ignore in today's highly competitive service environments. The path to realizing these opportunities, however, is not free of obstacles. In cloud computing, with a large amount of various computing resources, users can easily solve their problems with the resources provided by a cloud. Cloud computing has many new characteristics compared with the traditional computing mode. The Cloud Security Alliance (CSA) describes these characteristics as: abstraction of infrastructure, resource democratization, services oriented architecture, elasticity/dynamism of resources and utility model of consumption & allocation [3]; NIST summarizes these characteristics as: on-demand self-service, ubiquitous network access, resource pooling, rapid elasticity and pay per use [4].
Since these cloud facilities are shared resources and generally located in the data center of the Cloud Security Provider (CSP), they are under the full control of the CSP. Security devices in the cloud are also owned and controlled by the CSP. On the other hand, customers have no control over the facilities on which their businesses run [5]. There should be a separation of security duties in cloud computing between the CSP and customers. The mechanism of security duty separation must be based on what services the security provides the customers. Cloud services are currently marketed in different categories, namely Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) [6]. The interrelationship and logical boundaries between these three cloud service delivery models are depicted in the cloud reference model in Fig. 1. Tim Mather et al. further detailed the security responsibility between the CSP and the customers [7]. The CSP must be responsible for the security of the computing platforms and applications it provides. Trust is the major concern of the consumers and providers of services that participate in a cloud computing environment. In this paper, we propose a new method to build a secure and trusted computing system for the cloud environment.

Cloud computing developed from grid computing technology and focuses on providing distributed services to different users. A typical cloud model described by Frank Gillett [8] is shown in Fig. 1; that model does not seem to address end-to-end management. Ultimately, the cloud service infrastructure must provide end-to-end service assurance to meet both service creation and service delivery platform user requirements. A current means for establishing trust in computing platforms is the Trusted Platform Module (TPM), a core component of the root of trust for the platform.
A root of trust is a component of a computing platform that is implicitly trusted to provide a specified set of controlled functions to measure and pass control to other platform components. Krautheim's Locator Bot (LoBot) [9,10] uses the VTPM to root trust for a virtual environment in a PVI; however, the VTPM implementation has several issues that make it problematic to use as a root of trust for cloud virtual environments. Traditional trusted computing platforms like Terra [11] take a compelling approach to this problem. For example, Terra is able to prevent the owner of a