Abstract
Cloud computing uses a virtual, nonlocal system for storage and computation. The creation of individual virtual machines (VMs) in the larger system is an important foundation for cloud computing, especially in the delivery of software as a service (SaaS). The biggest challenge for SaaS cloud-computing systems is maintaining user-level security in VMs. A proposed in-VM measuring framework confirms the status of user-level applications launched in guest VMs. A measurement module measures the executable and transfers the values to a trusted VM, which stores them in a measurement table. Comparing those values to a reference table containing the trusted measurement values of running executables verifies the executable's status. This framework relies on the system's Trusted Platform Module to guarantee the two tables' integrity. In addition, a memory watcher module confirms the measurement module's status. A working prototype of the framework based on the Xen VM monitor showed good efficiency.
| Original language | English |
|---|---|
| Article number | 5560628 |
| Pages (from-to) | 56-62 |
| Number of pages | 7 |
| Journal | IEEE Security and Privacy |
| Volume | 8 |
| Issue number | 6 |
| State | Published - Nov 2010 |
| Externally published | Yes |
Keywords
- In-VM measuring
- TPM
- Trusted Platform Module
- Xen
- security and privacy
- verification
- virtual machines