Experiences in Trusted Cloud Computing

Ian Oliver^*, Silke Holtmanns and Shankar Lal

Nokia Bell Labs, Security Research, Karakaari 3, 02610 Espoo, Finland

E-mail: ian.oliver@nokia-bell-labs.com; silke.holtmanns@nokia-bell-labs.com; shankar.lal@nokia-bell-labs.com

^∗Corresponding Author

Received 18 October 2017;
Accepted 05 October 2018

Abstract

While trusted computing is a well-known technology, its role has been limited in scope and to single machines. The advent of cloud computing, its role as critical infrastructure and the requirement for trust between the users of computing resources combines to form a perfect environment for trusted and high-integrity computing. Indeed, the use of trusted computing is an enabling technology over nearly all ‘cyber’ areas: secure supply chain management, privacy and critical data protection, data sovereignty, cyber defence, legal etc. To achieve this generalization, we must fundamentally redefine what we mean by trusted and high-integrity computing. We are required to go beyond the boot-time trust and rethink notions of run-time trust, partial trust, how systems are constructed, the trust between management and operations, compute and storage infrastructure and the dynamic provisioning of services by external parties. While attestation technologies, so-called run-time trust and virtualized TPM are being brought to the fore, adopting these does not solve any of the fundamental problems of trust in the cloud.

Read the full article here: https://www.riverpublishers.com/journal_read_html_article.php?j=JICTS/6/3/5