Cargando…
eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology
Today cloud computing is widely used in various industries. While benefiting from the services provided by the cloud, users are also faced with some security issues, such as information leakage and data tampering. Utilizing trusted computing technology to enhance the security mechanism, defined as t...
Autores principales: | , , , , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
MDPI
2018
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6264068/ https://www.ncbi.nlm.nih.gov/pubmed/30404242 http://dx.doi.org/10.3390/s18113807 |
_version_ | 1783375411010338816 |
---|---|
author | Sun, Haonan He, Rongyu Zhang, Yong Wang, Ruiyun Ip, Wai Hung Yung, Kai Leung |
author_facet | Sun, Haonan He, Rongyu Zhang, Yong Wang, Ruiyun Ip, Wai Hung Yung, Kai Leung |
author_sort | Sun, Haonan |
collection | PubMed |
description | Today cloud computing is widely used in various industries. While benefiting from the services provided by the cloud, users are also faced with some security issues, such as information leakage and data tampering. Utilizing trusted computing technology to enhance the security mechanism, defined as trusted cloud, has become a hot research topic in cloud security. Currently, virtual TPM (vTPM) is commonly used in a trusted cloud to protect the integrity of the cloud environment. However, the existing vTPM scheme lacks protections of vTPM itself at a runtime environment. This paper proposed a novel scheme, which designed a new trusted cloud platform security component, ‘enclave TPM (eTPM)’ to protect cloud and employed Intel SGX to enhance the security of eTPM. The eTPM is a software component that emulates TPM functions which build trust and security in cloud and runs in ‘enclave’, an isolation memory zone introduced by SGX. eTPM can ensure its security at runtime, and protect the integrity of Virtual Machines (VM) according to user-specific policies. Finally, a prototype for the eTPM scheme was implemented, and experiment manifested its effectiveness, security, and availability. |
format | Online Article Text |
id | pubmed-6264068 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2018 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
spelling | pubmed-62640682018-12-12 eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology Sun, Haonan He, Rongyu Zhang, Yong Wang, Ruiyun Ip, Wai Hung Yung, Kai Leung Sensors (Basel) Article Today cloud computing is widely used in various industries. While benefiting from the services provided by the cloud, users are also faced with some security issues, such as information leakage and data tampering. Utilizing trusted computing technology to enhance the security mechanism, defined as trusted cloud, has become a hot research topic in cloud security. Currently, virtual TPM (vTPM) is commonly used in a trusted cloud to protect the integrity of the cloud environment. However, the existing vTPM scheme lacks protections of vTPM itself at a runtime environment. This paper proposed a novel scheme, which designed a new trusted cloud platform security component, ‘enclave TPM (eTPM)’ to protect cloud and employed Intel SGX to enhance the security of eTPM. The eTPM is a software component that emulates TPM functions which build trust and security in cloud and runs in ‘enclave’, an isolation memory zone introduced by SGX. eTPM can ensure its security at runtime, and protect the integrity of Virtual Machines (VM) according to user-specific policies. Finally, a prototype for the eTPM scheme was implemented, and experiment manifested its effectiveness, security, and availability. MDPI 2018-11-06 /pmc/articles/PMC6264068/ /pubmed/30404242 http://dx.doi.org/10.3390/s18113807 Text en © 2018 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Article Sun, Haonan He, Rongyu Zhang, Yong Wang, Ruiyun Ip, Wai Hung Yung, Kai Leung eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology |
title | eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology |
title_full | eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology |
title_fullStr | eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology |
title_full_unstemmed | eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology |
title_short | eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology |
title_sort | etpm: a trusted cloud platform enclave tpm scheme based on intel sgx technology |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6264068/ https://www.ncbi.nlm.nih.gov/pubmed/30404242 http://dx.doi.org/10.3390/s18113807 |
work_keys_str_mv | AT sunhaonan etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology AT herongyu etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology AT zhangyong etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology AT wangruiyun etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology AT ipwaihung etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology AT yungkaileung etpmatrustedcloudplatformenclavetpmschemebasedonintelsgxtechnology |