Bootstrapping and Maintaining Trust in the Cloud
Abstract
Today's infrastructure as a service (IaaS) cloud environments rely upon full trust in the provider to secure applications and data. Cloud providers do not offer the ability to create hardware-rooted cryptographic identities for IaaS cloud resources or sucient information to verify the integrity of systems. Trusted computing protocols and hardware like the TPM have long promised a solution to this problem. However, these technologies have not seen broad adoption because of their complexity of implementation, low performance, and lack of compatibility with virtualized environments. In this paper we introduce a scalable trusted cloud key management system called key lime. Our system provides an end-to-end solution for both bootstrapping hardware rooted cryptographic identities for IaaS nodes and for system integrity monitoring of those nodes via periodic attestation. We can support these functions in both bare-metal and virtualized IaaS environments using a virtual TPM. key lime provides a clean interface that allows higher level security services like disk/network encryption or conguration management to leverage trusted computing without themselves being trusted computing aware. We show that our bootstrapping protocol adds about 2 seconds latency to IaaS node instantiation, we can detect system integrity violations in as little as 110ms, and that keylime can
Document Details
- Document Type
- Technical Report
- Publication Date
- Dec 01, 2016
- Accession Number
- AD1033603
Entities
People
- Bryan Richard
- Nabil Schear
- Patrick Ii T. Cable
- Robert Rudd
- Thomas M. Moyer
Organizations
- Massachusetts Institute of Technology