Development of Design for Enhancing Trust in Cloud’s SPI Stack

Yıl 2020, Cilt: 6 Sayı: 1, 13 - 18, 31.03.2020

Ahmed Bentajer Mustapha Hedabou Faouzia Ennaama Said Elfezazi

https://doi.org/10.22399/ijcesen.370873

Öz

Cloud
computing defines the SPI model, which is generally agreed upon as providing Software-as-a-Service,
Platform-as-a-Service and Infrastructure-as-a-Service. Interest in those
service delivery models is growing because the paradigm offers to cloud
customers high computational resource on-demand with a low cost. However,
trustiness in the cloud services regarding the security and the privacy of the
delivered data is the most critical issue in the SPI model. In this paper we
propose a trusted SPI model that gives cloud customer more confidence into SPI
services by leveraging a trust in a neutral SPI certifying authority. The
proposed model prevents insider attacks from tampering with application service
before and after the computational resource was launched and allow cloud
customer to verify if its node run in a secure environment

Anahtar Kelimeler

Cloud Computing, SPI Stack, TPM, Trustiness, Multisignature scheme

Kaynakça

• Ron Zalkind. Protecting Your Data in Google Docs Compliance In The Cloud. http://hosteddocs.ittoolbox.com/protecting-your-data-in-google-docs.pdf.
• N. Santos, K. P. Gummadi, and R. Rodrigues. Towards trusted cloud computing. In Proceedings of the Workshop on Hot Topics in Cloud Computing, HotCloud’09. USENIX Association, 2009. http://portal.acm.org/citation.cfm?id=1855533.1855536.
• Lina Jia, Min Zhu, and Bibo Tu. 2017. T-VMI: Trusted Virtual Machine Introspection in Cloud Environments. In Proceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid '17). IEEE Press, Piscataway, NJ, USA, 478-487. DOI: https://doi.org/10.1109/CCGRID.2017.48
• https://trustedcomputinggroup.org/tpm-main-specification/
• Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, and Dan Boneh. 2003. Terra: a virtual machine-based platform for trusted computing. In Proceedings of the nineteenth ACM symposium on Operating systems principles (SOSP '03). ACM, New York, NY, USA, 193-206. DOI=http://dx.doi.org/10.1145/945445.945464
• Krautheim F.J., Phatak D.S., Sherman A.T. (2010) Introducing the Trusted Virtual Environment Module: A New Mechanism for Rooting Trust in Cloud Computing. In: Acquisti A., Smith S.W., Sadeghi AR. (eds) Trust and Trustworthy Computing. Trust 2010. Lecture Notes in Computer Science, vol 6101. Springer, Berlin, Heidelberg. DOI: https://doi.org/10.1007/978-3-642-13869-0_14
• Li B., Lv S., Zhang Y., Tian M. (2014) The Application of Trusted Computing Technology in the Cloud Security. In: Wong W.E., Zhu T. (eds) Computer Engineering and Networking. Lecture Notes in Electrical Engineering, vol 277. Springer, Cham. DOI : https://doi.org/10.1007/978-3-319-01766-2_99
• National Institute of Standards and Technology (NIST) FIPS PUB 186-4, Digital Signature Standard (DSS). DOI: http://dx.doi.org/10.6028/NIST.FIPS.186.4
• Yu, Z., Zhang, W. & Dai, H. A Trusted Architecture for Virtual Machines on Cloud Servers with Trusted Platform Module and Certificate Authority. Journal of Signal Processing System (2017) vol:86. https://doi.org/10.1007/s11265-016-1130-9
• R. Chandramouli, M. Iorga, S. Chokhani. NIST IR 7956: Cryptographic Key Management Issues & Challenges in Cloud Services. DOI : http://dx.doi.org/10.6028/NIST.IR.7956
• K. Itakura and K. Nakamura,. A public-key cryptosystem suitable for digital multisignatures. In NEC Res. Development 71 (1983), pp. 1-8.
• T. Okamoto. Tatsuaki Okamoto. 1988. A digital multisignature scheme using bijective public-key cryptosystems. ACM Trans. Comput. Syst. 6, 4 (November 1988), 432-441. DOI: http://dx.doi.org/10.1145/48012.48246
• M. Bellare, G. Neven. New multi-signatures and a general forking lemma. in CCS06, 2006. DOI: https://doi.org/10.1145/1180405.1180453
• M. Bellare, G. Neven. Identity-based multi-signatures from RSA. In CT-RSA, 2007. DOI: https://doi.org/10.1007/11967668_10
• E. Brickell, J. Camenisch, L. Chen. Direct Anonymous Attestation. In ACM Conference on Computer and Communications Security, pp. 132-145, 2004.
• A. Brown, J. S. Chase . Trusted Platform-as-a-Service: A Foundation for Trustworthy Cloud-Hosted Applications. In: Proc. of CCSW. pp. 15-20 (2011). DOI: https://doi.org/10.1145/2046660.2046665
• Tang Y. and Lee P. P. C. and Lui J. C. S. and Perlman R., Secure Overlay Cloud Storage with Access Control and Assured Deletion, IEEE Transactions on Dependable and Secure Computing, Vol 9, p. 903-916 (2012). DOI: https://doi.org/10.1109/TDSC.2012.49
• Saurabh Singh, Young-Sik Jeong, Jong Hyuk Park, A survey on cloud computing security: Issues, threats, and solutions, Journal of Network and Computer Applications, Volume 75, November 2016, Pages 200-222, ISSN 1084-8045. DOI: http://dx.doi.org/10.1016/j.jnca.2016.09.002.
• Khalil, I., Khreishah, A., Azeem, M., Cloud Computing Security: A Survey, Computers 2014, 3(1), 1-35; DOI: https://dx.doi.org/10.3390/computers3010001.
• M. Cengız Toklu. Determination of Customer Loyalty Levels by Using Fuzzy MCDM Approaches. Acta Physica Polonica A (2017) (Special issue of the 3rd International Conference on Computational and Experimental Science and Engineering (ICCESEN 2016)). Pp. 650-654. DOI: http://dx.doi.org/10.12693/APhysPolA.132.650
• D. Alhalafi. A New Methodology to Disambiguate Privacy. Acta Physica Polonica A (2015) (Special issue of the International Conference on Computational and Experimental Science and Engineering (ICCESEN 2014)). Pp. B-319 – B-323. DOI : http://dx.doi.org/10.12693/APhysPolA.128.B-324