A Trusted-based Cloud Computing Virtual Storage System and Key Technologies
Keywords:
trusted, Cloud Computing, virtual storage, cloud storage, encryption, authentication
Abstract
With the popularity of Cloud Computing, people have become increasingly concerned about security problems, especially data security, which has become the biggest obstacle to the development of Cloud Computing. To protect the confidentiality and integrity of user data in Cloud Computing, this paper first studies the relevant research in the fields of trusted computing and Cloud Computing data protection. Second, it introduces the concept of "trusted" into Cloud Computing data protection, presents the concept of the Trusted Virtual Block Storage Device (TVBSD), and designs the Trusted Cloud Computing Virtual Storage System (TCCVSS). The key technologies, such as isolation, block device encryption and two-way authentication, are then expounded. Finally, the experimental results show that the system and the related technologies can not only effectively ensure the security of user data, but also keep the consequent performance overhead within a proper range.
License
ONLINE OPEN ACCESS: Access to the full text of each article and each issue is allowed for free under Attribution-NonCommercial 4.0 International (CC BY-NC 4.0).
You are free to:
-Share: copy and redistribute the material in any medium or format;
-Adapt: remix, transform, and build upon the material.
The licensor cannot revoke these freedoms as long as you follow the license terms.
DISCLAIMER: The author(s) of each article appearing in International Journal of Computers Communications & Control is/are solely responsible for the content thereof; the publication of an article shall not constitute or be deemed to constitute any representation by the Editors or Agora University Press that the data presented therein are original, correct or sufficient to support the conclusions reached or that the experiment design or methodology is adequate.