Cargando…

eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology

Today cloud computing is widely used in various industries. While benefiting from the services provided by the cloud, users are also faced with some security issues, such as information leakage and data tampering. Utilizing trusted computing technology to enhance the security mechanism, defined as t...

Descripción completa

Detalles Bibliográficos
Autores principales: Sun, Haonan, He, Rongyu, Zhang, Yong, Wang, Ruiyun, Ip, Wai Hung, Yung, Kai Leung
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2018
Materias:
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6264068/
https://www.ncbi.nlm.nih.gov/pubmed/30404242
http://dx.doi.org/10.3390/s18113807
_version_ 1783375411010338816
author Sun, Haonan
He, Rongyu
Zhang, Yong
Wang, Ruiyun
Ip, Wai Hung
Yung, Kai Leung
author_facet Sun, Haonan
He, Rongyu
Zhang, Yong
Wang, Ruiyun
Ip, Wai Hung
Yung, Kai Leung
author_sort Sun, Haonan
collection PubMed
description Today cloud computing is widely used in various industries. While benefiting from the services provided by the cloud, users are also faced with some security issues, such as information leakage and data tampering. Utilizing trusted computing technology to enhance the security mechanism, defined as trusted cloud, has become a hot research topic in cloud security. Currently, virtual TPM (vTPM) is commonly used in a trusted cloud to protect the integrity of the cloud environment. However, the existing vTPM scheme lacks protections of vTPM itself at a runtime environment. This paper proposed a novel scheme, which designed a new trusted cloud platform security component, ‘enclave TPM (eTPM)’ to protect cloud and employed Intel SGX to enhance the security of eTPM. The eTPM is a software component that emulates TPM functions which build trust and security in cloud and runs in ‘enclave’, an isolation memory zone introduced by SGX. eTPM can ensure its security at runtime, and protect the integrity of Virtual Machines (VM) according to user-specific policies. Finally, a prototype for the eTPM scheme was implemented, and experiment manifested its effectiveness, security, and availability.
format Online
Article
Text
id pubmed-6264068
institution National Center for Biotechnology Information
language English
publishDate 2018
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-62640682018-12-12 eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology Sun, Haonan He, Rongyu Zhang, Yong Wang, Ruiyun Ip, Wai Hung Yung, Kai Leung Sensors (Basel) Article Today cloud computing is widely used in various industries. While benefiting from the services provided by the cloud, users are also faced with some security issues, such as information leakage and data tampering. Utilizing trusted computing technology to enhance the security mechanism, defined as trusted cloud, has become a hot research topic in cloud security. Currently, virtual TPM (vTPM) is commonly used in a trusted cloud to protect the integrity of the cloud environment. However, the existing vTPM scheme lacks protections of vTPM itself at a runtime environment. This paper proposed a novel scheme, which designed a new trusted cloud platform security component, ‘enclave TPM (eTPM)’ to protect cloud and employed Intel SGX to enhance the security of eTPM. The eTPM is a software component that emulates TPM functions which build trust and security in cloud and runs in ‘enclave’, an isolation memory zone introduced by SGX. eTPM can ensure its security at runtime, and protect the integrity of Virtual Machines (VM) according to user-specific policies. Finally, a prototype for the eTPM scheme was implemented, and experiment manifested its effectiveness, security, and availability. MDPI 2018-11-06 /pmc/articles/PMC6264068/ /pubmed/30404242 http://dx.doi.org/10.3390/s18113807 Text en © 2018 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Sun, Haonan
He, Rongyu
Zhang, Yong
Wang, Ruiyun
Ip, Wai Hung
Yung, Kai Leung
eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology
title eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology
title_full eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology
title_fullStr eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology
title_full_unstemmed eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology
title_short eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology
title_sort etpm: a trusted cloud platform enclave tpm scheme based on intel sgx technology
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6264068/
https://www.ncbi.nlm.nih.gov/pubmed/30404242
http://dx.doi.org/10.3390/s18113807
work_keys_str_mv AT sunhaonan etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology
AT herongyu etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology
AT zhangyong etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology
AT wangruiyun etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology
AT ipwaihung etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology
AT yungkaileung etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology