A collective attestation scheme towards cloud system

PDF / 1,280,441 Bytes
12 Pages / 595.276 x 790.866 pts Page_size
5 Downloads / 190 Views

(0123456789().,-volV)(0123456789(). ,- volV)

A collective attestation scheme towards cloud system Yuan Song1,2 • Wenchang Shi1,2 • Bo Qin1,2 • Bin Liang1,2 Received: 21 March 2020 / Revised: 9 August 2020 / Accepted: 21 August 2020 Springer Science+Business Media, LLC, part of Springer Nature 2020

Abstract Considering cloud computing continues to grow and flourish, the increasing number of cloud infrastructures results in unlimited resources and convenient pay-as-you-go services, which makes it essential to ensure software integrity (including OS, apps, and configurations) on such massive devices to guarantee both privacy and safety. As a key technical solution, remote attestation allows a remote entity to validate integrity state of targeted cloud devices. Aiming to attest the real integrity state of cloud system and improve scalability and efficiency of existing scheme, a Collective Attestation scheme towards Cloud System named CACS is presented in this paper. First, in order to promote scalability, CACS proposes an attestation scheme based on cooperation between cloud servers. Second, to increase efficiency, CACS puts forward Attestation Relationship Tree structure, which could determine the cooperative objects and tasks during the collective attestation. Besides, identity-based aggregation signature technology is adopted to quickly verify the authenticity of integrity report about cloud servers. To evaluate the efficiency and scalability, CACS is simulated in a large-scale cloud system. Experimental results show that not only is CACS able to effectively prove a cloud system of 30,000 nodes in 19.9 s, but also it could perform well in terms of scalability compared to current cloud system attestation schemes. Keywords Remote attestation Cloud system Collective attestation Attestation relationship tree Aggregate signature

1 Introduction Cloud computing has opened a new horizon of computing for Smart City [1], Health Care [2], Smart Home [3] and many fields by offering unlimited resources and convenient pay-as-you-go services. The vigorous development of cloud computing promotes the market value nowadays and even in the future. Cloud infrastructures are often related to server swarms, which are increasing at an exponential rate. Although hundreds of thousands of servers in the datacentres have been built [4, 5], such as Microsoft and Yahoo, the number is still growing faster than Moore’s Law [6], doubling every 14 months. Unfortunately, a great number of security threats [7–10] still lie in large-scale cloud systems or server swarms.

& Wenchang Shi [email protected] 1

School of Information, Renmin University, Beijing, China

2

Key Laboratory of Data Engineering and Knowledge Engineering (Renmin University of China) of Ministry of Education, Beijing, China

According the top threats report [11] released by Cloud Security Alliance (CSA), misconfiguration of cloud assets has become commonplace in cloud computing, often leading to data breaches, service interruption and other security incidents. For e

Data Loading...

A collective attestation scheme towards cloud system

Recommend Documents

Towards Collective Awareness Systems

A Cloud Evolution Based Handoff Decision Scheme with ABC Supported

A Blockchain-Based Decentralized Public Auditing Scheme for Cloud Storage

Towards Critical Practice in a Teaching Company Scheme

Towards Inclusive Privacy Protections in the Cloud

Towards Multi-criteria Volunteer Cloud Service Selection

An optimized ECG android system using data compression scheme for cloud storage

Towards a Distributed Fuzzy Decision Making System

Cloud-based efficient scheme for handwritten digit recognition

Application of Polar Code-Based Scheme in Cloud Secure Storage

An accelerated rendering scheme for massively large point cloud data

ECC-Based Authentication Scheme for Cloud-Based Robots