{"title":"结果与讨论","authors":"M. A. Musse, R. rahmatullah, S. A. Rashid","doi":"10.4018/978-1-5225-7924-3.ch006","DOIUrl":null,"url":null,"abstract":"This chapter describes the proof-of-concept of the proposed protocol architecture. The eXtensible modular hypervisor framework has been utilized to build the TrustVisor hypervisor along with the core modules: cryptography operations, TEE, and TPM emulator, which contains TPM library function to make a secure communication with TPM hardware. The constructed hypervisor has been placed in the cloud server grub entry to make a choice of hypervisor. To ensure the trust worthiness of cloud platform, a remote attestation concept is used along with the most popular and widely used method called integrity measurement architecture (IMA). Remote attestation uses IMA. It works based on binary attestation concept. After configuring IMA, it calculates and extends the hashes of all components while boot process into their respective PCRs. To ensure the remote attestation with privacy preserving of NC, the authors used attestation identity key (AIK) for signing hashes of PCRs while performing quote operation. They used TPM emulator for communication with TPM device using TPM driver.","PeriodicalId":287112,"journal":{"name":"Detection and Mitigation of Insider Attacks in a Cloud Infrastructure","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Results and Discussions\",\"authors\":\"M. A. Musse, R. rahmatullah, S. A. Rashid\",\"doi\":\"10.4018/978-1-5225-7924-3.ch006\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This chapter describes the proof-of-concept of the proposed protocol architecture. The eXtensible modular hypervisor framework has been utilized to build the TrustVisor hypervisor along with the core modules: cryptography operations, TEE, and TPM emulator, which contains TPM library function to make a secure communication with TPM hardware. The constructed hypervisor has been placed in the cloud server grub entry to make a choice of hypervisor. To ensure the trust worthiness of cloud platform, a remote attestation concept is used along with the most popular and widely used method called integrity measurement architecture (IMA). Remote attestation uses IMA. It works based on binary attestation concept. After configuring IMA, it calculates and extends the hashes of all components while boot process into their respective PCRs. To ensure the remote attestation with privacy preserving of NC, the authors used attestation identity key (AIK) for signing hashes of PCRs while performing quote operation. They used TPM emulator for communication with TPM device using TPM driver.\",\"PeriodicalId\":287112,\"journal\":{\"name\":\"Detection and Mitigation of Insider Attacks in a Cloud Infrastructure\",\"volume\":\"25 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Detection and Mitigation of Insider Attacks in a Cloud Infrastructure\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/978-1-5225-7924-3.ch006\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Detection and Mitigation of Insider Attacks in a Cloud Infrastructure","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/978-1-5225-7924-3.ch006","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
This chapter describes the proof-of-concept of the proposed protocol architecture. The eXtensible modular hypervisor framework has been utilized to build the TrustVisor hypervisor along with the core modules: cryptography operations, TEE, and TPM emulator, which contains TPM library function to make a secure communication with TPM hardware. The constructed hypervisor has been placed in the cloud server grub entry to make a choice of hypervisor. To ensure the trust worthiness of cloud platform, a remote attestation concept is used along with the most popular and widely used method called integrity measurement architecture (IMA). Remote attestation uses IMA. It works based on binary attestation concept. After configuring IMA, it calculates and extends the hashes of all components while boot process into their respective PCRs. To ensure the remote attestation with privacy preserving of NC, the authors used attestation identity key (AIK) for signing hashes of PCRs while performing quote operation. They used TPM emulator for communication with TPM device using TPM driver.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
