Trusted Platform Module as Security Enabler for Cloud Infrastructure as a Service (IaaS). Gregory T. Hoffer CS7323 – Research Seminar (Dr. Qi Tian)

Slides:

Advertisements

Similar presentations

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab

Advertisements

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary December 2010 Irvine, CA – PWG Meeting Ira McDonald (High.

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.

Accountability in Hosted Virtual Networks Eric Keller, Ruby B. Lee, Jennifer Rexford Princeton University VISA 2009.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

Hardware Security: Trusted Platform Module Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources.

 Max Planck Institute for Software Systems Towards trusted cloud computing Nuno Santos, Krishna P. Gummadi, and Rodrigo Rodrigues MPI-SWS.

1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.

Systems and Internet Infrastructure Security (SIIS) LaboratoryPage Systems and Internet Infrastructure Security Network and Security Research Center Department.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

Enforcement of Security Policy Compliance in Virtual Private Networks Prof. José Carlos Brustoloni Dept. Computer Science University of Pittsburgh

Trusted Disk Loading in the Emulab Network Testbed Cody Cutler, Mike Hibler, Eric Eide, Rob Ricci 1.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.

Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture notes.

Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/ October 2002.

Trusted computing and the cloud. UNR – CSE, Jeff Naruchitparames 2 ( and null-byte poisoning attacks for the web )

Aircraft is a Node on the Internet

Securing Information Transfer in Distributed Computing Environments AbdulRahman A. Namankani.

Software Issues Derived from Dr. Fawcett’s Slides Phil Pratt-Szeliga Fall 2009.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

Cloud Usability Framework

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Role-based Trust Management Security Policy Analysis and Correction Environment (RT-SPACE). Gregory T. Hoffer CS7323 – Research Seminar (Dr. Qi Tian)

Cloud Computing & Security Issues Prepared by: Hamoud Al-Shammari CS 6910 Summer, 2011 University of Colorado at Colorado Springs Engineering & Applied.

Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,

Trusted Computing BY: Sam Ranjbari Billy J. Garcia.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Extending user controlled security domain.

A Design of Trusted Operating System Based on Linux BY LI HONGJUAN, LANYUQING The presenter Rusul J. ALSaedi Spring 2015 CS Dr. Rothstein.

An approach to on the fly activation and deactivation of virtualization-based security systems Denis Efremov Pavel Iakovenko

Trusted Computing Or How I Learned to Stop Worrying and Love the MPAA.

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.

Niagara Framework in the Clouds Scott Boehm. … what the heck does that mean??

Cosc 4765 Trusted Platform Module. What is TPM The TPM hardware along with its supporting software and firmware provides the platform root of trust. –It.

Initial Tiger Team Briefing New Dells with TPM Peter Leight Richard Hammer May 2006.

出處 :2010 2nd International Conference on Signal Processing Systems (ICSPS) 作者 :Zhidong Shen 、 Qiang Tong 演講者 : 碩研資管一甲吳俊逸.

Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.

An Introduction to Trusted Platform Technology Siani Pearson Hewlett Packard Laboratories, UK

Merkle trees Introduced by Ralph Merkle, 1979 An authentication scheme

Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)

0 Penn State, NSRC Industry Day, Trent Jaeger – Past Projects and Results Linux Security –Aim to Build Measurable, High Integrity Linux Systems.

Trusted Virtual Machine Images a step towards Cloud Computing for HEP? Tony Cass on behalf of the HEPiX Virtualisation Working Group October 19 th 2010.

Trusted Infrastructure Xiaolong Wang, Xinming Ou Based on Dr. Andrew Martin’s slides from TIW 2013.

P ROTOCOL FOR COLLABORATING MOBILE AGENTS IN THE NETWORK INTRUSION DETECTION SYSTEMS. By Olumide Simeon Ogunnusi Shukor Abd Razak.

AUTHORS – X. NIE, D. FENG, J. CHE, X. WANG PRESENTED BY- PREOYATI KHAN KENT STATE UNIVERSITY Design and Implementation of Security Operating System based.

Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)

VMM Based Rootkit Detection on Android

IPlant Collaborative Tools and Services Workshop iPlant Collaborative Tools and Services Workshop Overview of Atmosphere.

Trusted? 05/4/2016 Charles Sheehe, CCSDS Security Working Group GRC POC All information covered is from public sources 1.

Trusted? 05/4/2016 Charles Sheehe, CCSDS Security Working Group GRC POC All information covered is from public sources.

Protecting Network Equipment

Outline What does the OS protect? Authentication for operating systems

Tools and Services Workshop Overview of Atmosphere

Sami Alsouri Özgür Dagdelen Stefan Katzenbeisser

A SDN Attestation Approach

Outline What does the OS protect? Authentication for operating systems

Anna Giannakou Christine Morin, Jean-Louis Pazat, Louis Rilling

TCG’s Embedded System and IoT Focus

Assignment #7 – Solutions

Cloud Security 李芮，蒋希坤，崔男 2018年4月.

PKI (Public Key Infrastructure)

Using and Building Infrastructure Clouds for Science

Done by:Thikra abdullah

Presentation transcript:

Trusted Platform Module as Security Enabler for Cloud Infrastructure as a Service (IaaS). Gregory T. Hoffer CS7323 – Research Seminar (Dr. Qi Tian)

Overview  Problem Statement  TPM  Proposal  Discussion  Conclusion  References

Problem Statement

Trusted Platform Module (Image From [1])

Security Features provided by TPM  1) Access Control: Access to sensitive data and execution of some commands are subject to permission. It is the case for access to cryptographic keys, PCRs and execution of key generation.  2) Attestation: Attestation provided by an entity is a proof of specific data knowledge by that entity. It is usually associated with a digital signature. TCG uses this functionality to prove to a remote entity (e.g. service provider) that a platform wishing to access to the service meets specific integrity requirements. The attestation may be related to hardware or software integrity.  3) Measurements, Logging and Reporting: The measurement is the process of computing a state indicator of hardware and/or software. It may be a hash for a software code. If the measurement is reliable, it gives information on the integrity of the measured entity. The measuring entity must be trustable in order to obtain reliable measurements. TCG defines a module called CRTM (Core Root of Trust for Measurement) which is assumed to be trustable. It is executed when the platform is powered on.

Project Proposal  Virtualize TPM  Provide Cloud Customer with assurance or trust that state and configuration of physical platform.

Conclusion

Questions and Discussion  Any questions or comments?

References [1] M. Achemlal, S. Gharout, C. Gaber Trusted Platform Module as an Enabler for Security in Cloud Computing. In Network and Information Systems Security (SAR-SSI), La Rouchelle, FR. May 18-21, [2] R. Neise, D. Holling, A. Pretschner Implementing Trust in Cloud Infrastructures. In 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGrid 2011, Newport Beach, CA. May 23-26, [3] B. Berthelon, S. Varette, P. Bouvry CertiCloud: a Novel TPM-based Approach to Ensure Cloud IaaS Security. In 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, CCGrid 2011, Newport Beach, CA. May 23-26, 2011.