CTrust: A framework for Secure and Trustworthy application execution in Cloud computing

摘要

Cloud computing is a model that envisions ubiquitous access to a shared pool of configurable resources such as compute, storage, network, and software. Currently e-commerce, on-line auctioning companies, travel agencies and other such services use clouds, primarily because of the elasticity of cloud resources. While cloud computing allows consolidation of resources, thus enabling new applications, it has several security and privacy concerns. This paper presents the CTrust framework that addresses the security gap in cloud computing by combining the power of virtualization technology with the design of secure processor architectures. The fundamental building block of the CTrust framework is the Secure Hypervisor Framework - SecHYPE. It is a modified hypervisor that incorporates secure processor architectures and provides root of trust to user applications running in the cloud. The paper presents a detailed attack model and prototype implementation of the CTrust framework.