TrustOSV: Building Trustworthy Executing Environment with Commodity Hardware for a Safe Cloud

Xiaoguang Wang; Yi Shi; Yuehua Dai; Yong Qi; Jianbao Ren; Yu Xuan

首页> 外文期刊>Journal of Computers >TrustOSV: Building Trustworthy Executing Environment with Commodity Hardware for a Safe Cloud

【24h】

TrustOSV: Building Trustworthy Executing Environment with Commodity Hardware for a Safe Cloud

机译：TrustOSV：建立具有商品硬件的值得信赖的执行环境，为安全云

获取原文

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

—The Infrastructure as a Service (IaaS) cloud computing model is widely used in current IT industry, providing the cloud users virtual machines as the executing environment. However, current executing environment the cloud provided is not trustworthy. For a user’s executing environment faces threats from malicious cloud users who aim at attacking the underlying virtualization software (virtual machine monitor, VMM, or hypervisor). In this paper, we first make an analysis of the potential threats to a commodity hypervisor, and then propose architecture to build a more trustworthy executing environment for IaaS cloud. The main ideas of our architecture are: removing interaction between hypervisor and the exposed executing environment, enhancing platform data secrecy as well as providing feature rich environment attestation. To prove the effectiveness of our architecture, we build a prototype system, named TrustOSV, which can host multiple trustworthy isolated computing environments on multi-core x86 hardware. The final evaluation shows that TrustOSV can provide enhanced security guarantees to the exposed VMs at modest cost.

机译：- 作为服务（IAAS）云计算模型的基础架构广泛用于当前IT行业，为云用户虚拟机提供作为执行环境。但是，当前执行环境提供的云不值得信赖。对于用户的执行环境，面临旨在攻击底层虚拟化软件（虚拟机监视器，VMM或虚拟机管理程序）的恶意云用户的威胁。在本文中，我们首先对商品管理程序进行潜在威胁分析，然后提出建筑以为IAAS云构建更值得信赖的执行环境。我们的架构的主要思想是：删除管理程序之间的交互和公开的执行环境，增强平台数据保密以及提供功能丰富的环境认证。为了证明我们架构的有效性，我们构建了一个名为TrustOSV的原型系统，它可以在多核X86硬件上托管多个值得信赖的计算环境。最终的评估表明，TrustOSV可以以适度的成本提供增强的安全保证。

著录项

来源
《Journal of Computers》 |2014年第10期|共12页
作者
Xiaoguang Wang; Yi Shi; Yuehua Dai; Yong Qi; Jianbao Ren; Yu Xuan;
展开▼
作者单位

展开▼
收录信息
原文格式 PDF
正文语种
中图分类
关键词

相似文献

外文文献
中文文献
专利

1. Building an open source cloud environment with auto-scaling resources for executing bioinformatics and biomedical workflows [J] . Michael T. Krieger, Oscar Torreno, Oswaldo Trelles, Future generation computer systems . 2017,第feba期

机译：使用自动扩展资源构建开源云环境，以执行生物信息学和生物医学工作流程
2. Building Trustworthy Relationships with Smallholder(Small-scale) Agro-commodity Suppliers: Insights from the Ghana Cocoa Industry [J] . Glavee-Geo Richard, Burki Umar, Buvik Arnt Journal of macromarketing . 2020,第1期

机译：与小农（小规模）农产品供应商建立可信赖的关系：加纳可可行业的见解
3. Component-based hardware/software co-verification for building trustworthy embedded systems [J] . Fei Xie, Guowu Yang, Xiaoyu Song The Journal of Systems and Software . 2007,第5期

机译：基于组件的硬件/软件协同验证，用于构建可信赖的嵌入式系统
4. AN-Encoding Compiler: Building Safety-Critical Systems with Commodity Hardware [C] . Christof Fetzer, Ute Schiffel, Martin Suesskraut Computer safety, reliability, and security . 2009

机译：AN编码编译器：使用商品硬件构建安全关键系统
5. Relationship between Trustworthiness, Transparency, and Security in Cloud Computing Environments: A Regression Analysis. [D] . Ibrahim, Sara. 2017

机译：云计算环境中可信度，透明度和安全性之间的关系：回归分析。
6. Semantic-Based Building Extraction from LiDAR Point Clouds Using Contexts and Optimization in Complex Environment [O] . Yongjun Wang, Tengping Jiang, Min Yu, 2020

机译：基于上下文的LiDAR点云基于语义的建筑物提取和复杂环境中的优化
7. AN-encoding compiler: Building safety-critical systems with commodity hardware [O] . Christof Fetzer, Ute Schiffel, Technische Universtät Dresden 2009

机译：aN编码编译器：使用商用硬件构建安全关键系统

TrustOSV: Building Trustworthy Executing Environment with Commodity Hardware for a Safe Cloud

摘要

著录项

相似文献

相关主题

期刊订阅