通过组合PBA和来源实现云中的完整性保证

2016 10th International Conference on Next Generation Mobile Applications, Security and Technologies (NGMAST) Pub Date : 2016-08-01 DOI:10.1109/NGMAST.2016.15

Abir Awad, Sara Kadry, Brian A. Lee, Gururaj Maddodi, Eoin O'Meara

{"title":"通过组合PBA和来源实现云中的完整性保证","authors":"Abir Awad, Sara Kadry, Brian A. Lee, Gururaj Maddodi, Eoin O'Meara","doi":"10.1109/NGMAST.2016.15","DOIUrl":null,"url":null,"abstract":"In this paper, we propose a new integrity assurance system in the cloud by using both hard and soft attestations. By hard attestation, we mean the usage of trusted computing to certify the machines in the cloud or to detect any tamper on the system level including boot, bios and operating system. The soft assurance mechanism is based on the analysis of the cloud provenance data which are collected by logging kernel system calls. This mechanism is data centric which means that it allows the detection of any changes to data artifacts in the cloud. The results of our integrity assurance system is communicated to the user using Cloud Trust Protocol (CTP) developed by the Cloud Security Alliance (CSA). Our proposed scheme is tested on an OpenStack cloud to show a proof of concept of our integrity assurance system.","PeriodicalId":340716,"journal":{"name":"2016 10th International Conference on Next Generation Mobile Applications, Security and Technologies (NGMAST)","volume":"175 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Integrity Assurance in the Cloud by Combined PBA and Provenance\",\"authors\":\"Abir Awad, Sara Kadry, Brian A. Lee, Gururaj Maddodi, Eoin O'Meara\",\"doi\":\"10.1109/NGMAST.2016.15\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, we propose a new integrity assurance system in the cloud by using both hard and soft attestations. By hard attestation, we mean the usage of trusted computing to certify the machines in the cloud or to detect any tamper on the system level including boot, bios and operating system. The soft assurance mechanism is based on the analysis of the cloud provenance data which are collected by logging kernel system calls. This mechanism is data centric which means that it allows the detection of any changes to data artifacts in the cloud. The results of our integrity assurance system is communicated to the user using Cloud Trust Protocol (CTP) developed by the Cloud Security Alliance (CSA). Our proposed scheme is tested on an OpenStack cloud to show a proof of concept of our integrity assurance system.\",\"PeriodicalId\":340716,\"journal\":{\"name\":\"2016 10th International Conference on Next Generation Mobile Applications, Security and Technologies (NGMAST)\",\"volume\":\"175 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 10th International Conference on Next Generation Mobile Applications, Security and Technologies (NGMAST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NGMAST.2016.15\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 10th International Conference on Next Generation Mobile Applications, Security and Technologies (NGMAST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NGMAST.2016.15","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

本文提出了一种采用硬认证和软认证相结合的云环境下的完整性保障系统。通过硬认证，我们指的是使用可信计算来认证云中的机器或检测系统级别(包括引导、bios和操作系统)上的任何篡改。软保证机制是基于对记录内核系统调用所收集的云来源数据的分析。该机制以数据为中心，这意味着它允许检测云中的数据构件的任何更改。我们的完整性保证系统的结果通过云安全联盟(CSA)开发的云信任协议(CTP)传达给用户。我们提出的方案在OpenStack云上进行了测试，以证明我们的完整性保证系统的概念。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Integrity Assurance in the Cloud by Combined PBA and Provenance

In this paper, we propose a new integrity assurance system in the cloud by using both hard and soft attestations. By hard attestation, we mean the usage of trusted computing to certify the machines in the cloud or to detect any tamper on the system level including boot, bios and operating system. The soft assurance mechanism is based on the analysis of the cloud provenance data which are collected by logging kernel system calls. This mechanism is data centric which means that it allows the detection of any changes to data artifacts in the cloud. The results of our integrity assurance system is communicated to the user using Cloud Trust Protocol (CTP) developed by the Cloud Security Alliance (CSA). Our proposed scheme is tested on an OpenStack cloud to show a proof of concept of our integrity assurance system.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 10th International Conference on Next Generation Mobile Applications, Security and Technologies (NGMAST)

自引率

0.00%

发文量