Building Trusted Sub-domain for the Grid with Trusted Computing

摘要

The Grid is all about, collaboration, which is supported by dynamic, multi-institutional virtual organizations (VO). The fact that Grid users and resource providers often suffer from attacks outside or inside the VO make it necessary to build a trusted sub-domain. The TCG (Trusted Computing Group) proposes Trusted Computing (TC) to enhance users' trust on today's open architecture platforms by adding a tamper-resistant hardware module called Trusted Platform Module (TPM) to the end system. In this paper, we propose and design an open-source security system based on Linux and TPM hardware to extend the trust on the platform to the Grid environment, and hereby provide sharing of trusted environment. Especially, we demonstrate how to build a trusted sub-domain for the Grid with our system by using trusted attestation and migration based on the TC.