Abstract
Trusted computing is an important means of securing the IaaS platform. One of the key problems is how to migrate a virtual machine (VM) from one host to another in a trusted manner. To solve it, this paper presents the lifecycle of a VM, the trusted proof of a VM, and other notions. Moreover, the paper proposes a Trusted Virtual Machine Migration Protocol (TVMMP), which can guarantee the coherence and continuity of trusted status during VM migration and provide secure aids for trusted migration of VMs in the IaaS platform. Through security analysis and comparison, it can be proved that the protocol is suitable for a trusted computing cloud platform.
This work was supported by the Natural Science Foundation of Hebei province (Grant No. F2016201064, F2016201244) and the Natural Science Foundation of Hebei institution (Grant No. ZD2015088).
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
He, X., Tian, J. (2017). A Trusted VM Live Migration Protocol in IaaS. In: Xu, M., Qin, Z., Yan, F., Fu, S. (eds) Trusted Computing and Information Security. CTCIS 2017. Communications in Computer and Information Science, vol 704. Springer, Singapore. https://doi.org/10.1007/978-981-10-7080-8_4
DOI: https://doi.org/10.1007/978-981-10-7080-8_4
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-7079-2
Online ISBN: 978-981-10-7080-8
eBook Packages: Computer Science (R0)