Constructing trusted virtual execution environment in P2P grids

摘要

P2P grid is a natural merger of grid computing and P2P computing. Currently, P2P grids are hard to be commercially adopted because user programs and sensitive data are compromised easily and no trusted execution environment is provided on P2P grid nodes. Virtualization technologies become more and more popular, which allows one computer system to function as multiple virtual systems. When a P2P grid node is equipped with virtualization technologies, the virtual machine monitor (VMM) under the operating system is more secure than the OS because the VMM is much less complicated than the OS, and trusted platform module (TPM) embedded into the underlying hardware can provide integrity protection for the VMM. In this paper, we introduce how to construct a trusted execution environment on P2P grid nodes equipped with secure VMM. The VM images used for deploying virtual execution environment are protected and verified. A VM image will be selected and deployed onto a P2P grid node according to the job requirement and node situation, such as node performance and node reputation. Finally, the overhead of trusted image store and deployment is analyzed.