Trusted Domain Hierarchical Model Based on Noninterference Theory

doi:10.1016/S1005-8885(15)60662-8

中国邮电高校学报(英文) ›› 2015, Vol. 22 ›› Issue (4): 7-16.doi: 10.1016/S1005-8885(15)60662-8

• Artificial Intelligence • 上一篇下一篇

Trusted Domain Hierarchical Model Based on Noninterference Theory

张磊¹,陈兴蜀¹,刘亮²,金鑫

1. College of Computer Science, Sichuan University, Chengdu 610065, China 2. College of Electronics and Information Engineering, Sichuan University, Chengdu 610065, China

收稿日期:2014-11-13 修回日期:2015-06-10 出版日期:2015-08-28 发布日期:2015-08-28
通讯作者: Chen Xingshu E-mail:chenxs@scu.edu.cn
基金资助:
the National Natural Science Foundation of China (61272447), the National Key Technology R&D Program of China (2012BAH18B05); the National New Generation Broadband Wireless Mobile Communication Network Major Project (03 Project) of China (12H1510).

Trusted Domain Hierarchical Model Based on Noninterference Theory

Zhang Lei, Chen Xingshu, Liu Liang, Jin Xin

1. College of Computer Science, Sichuan University, Chengdu 610065, China 2. College of Electronics and Information Engineering, Sichuan University, Chengdu 610065, China

Received:2014-11-13 Revised:2015-06-10 Online:2015-08-28 Published:2015-08-28
Supported by:
the National Natural Science Foundation of China (61272447), the National Key Technology R&D Program of China (2012BAH18B05); the National New Generation Broadband Wireless Mobile Communication Network Major Project (03 Project) of China (12H1510).

摘要/Abstract

摘要： To ensure the integrity and security of cloud tenants’ workload, and to prevent unexpected interference among tenants, cloud platform must make sure that system behaviors are trusted. By analyzing threats that exist in the cloud platform, a novel trusted domain hierarchical model (TDHM) based on noninterference theory was proposed in this paper to solve these problems. First of all, the abstraction modeling of tenants’ computing environment and trusted domain (TD) were introduced for designing TDHM with formal methods. Secondly, corresponding constraints for trusted running were given to satisfy security requirements of tenants’ TD, and security properties of TDHM ware analyzed. After that, trusted behavior of TD was defined based on these properties, and the decision theorem of that was proved. It illustrated that the design and implementation of TD in cloud followed the model with characteristics of trusted behavior. Finally, the implementation of prototype system was introduced based on our previous work, and evaluation results showed that the performance loss was in the acceptable range.

关键词: trusted domain hierarchical model, noninterference theory , cloud, integrity, security, trusted domain

Abstract: To ensure the integrity and security of cloud tenants’ workload, and to prevent unexpected interference among tenants, cloud platform must make sure that system behaviors are trusted. By analyzing threats that exist in the cloud platform, a novel trusted domain hierarchical model (TDHM) based on noninterference theory was proposed in this paper to solve these problems. First of all, the abstraction modeling of tenants’ computing environment and trusted domain (TD) were introduced for designing TDHM with formal methods. Secondly, corresponding constraints for trusted running were given to satisfy security requirements of tenants’ TD, and security properties of TDHM ware analyzed. After that, trusted behavior of TD was defined based on these properties, and the decision theorem of that was proved. It illustrated that the design and implementation of TD in cloud followed the model with characteristics of trusted behavior. Finally, the implementation of prototype system was introduced based on our previous work, and evaluation results showed that the performance loss was in the acceptable range.

Key words: trusted domain hierarchical model, noninterference theory , cloud, integrity, security, trusted domain

Zhang Lei, Chen Xingshu, Liu Liang, Jin Xin. Trusted Domain Hierarchical Model Based on Noninterference Theory[J]. Acta Metallurgica Sinica(English letters), 2015, 22(4): 7-16.

参考文献

1. Mell P, Grance T. The NIST definition of cloud computing. SP 800-145, Gaithersburg, MD, USA: Information Technology Laboratory, National Institute of Standards and Technoolgy (NIST), US Department of Commerce, 2011 2. Jansen W, Grance T. Guidelines on security and privacy in public cloud computing. Gaithersburg, MD, USA: Information Technology Laboratory, National Institute of Standards and Technoolgy (NIST), US Department of Commerce, 2011 3. Dolan-Gavitt B, Leek T, Zhivich M, et al. Virtuoso: narrowing the semantic gap in virtual machine introspection. Proceeding of the 2011 IEEE Symposium on Security and Privacy (SP’11), May 22?25, 2011, Berkeley, CA, USA. Piscataway, NJ, USA: IEEE, 2011: 297?312 4. Rocha F, Correia M. Lucy in the sky without diamonds: stealing confidential data in the cloud. Proceeding of the 41st IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W’11), Jun 27?30, 2011, Hong Kong, China. Piscataway, NJ, USA: IEEE, 2011: 129?134 5. McCune J M, Parno B, Perrig A, et al. Flicker: an execution infrastructure for TCB minimization. ACM SIGOPS Operating Systems Review, 2008, 42(4): 315?328 6. Chen X, Garfinkel T, Lewis E C, et al. Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems. ACM SIGOPS Operating Systems Review, 2008, 42(2): 2?13 7. Chen H, Chen J Y, Mao W B, et al. Daonity―Grid security from two levels of virtualization. Information Security Technical Report, 2007, 12(3): 123?138 8. Zhang F Z, Chen J, Chen H B, et al. CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization. Proceedings of the 23rd ACM Symposium on Operating Systems Principles. (SOSP’11), Oct 23?26, 2011, Cascais, Portugal. New York, NY, USA: ACM, 2011: 203?216 9. Ben-Yehuda M, Day M D, Dubitzky Z, et al. The turtles project: design and implementation of nested virtualization. Proceedings of the 9th USENIX Symposium on Operation Systems Design and Implementation (OSDI'10), Oct 4?6, 2010, Vancouver, Canada. Berkeley, CA, USA: USENIX Association, 2010: 423?436 10. Kauer B, Verissimo P, Bessani A. Recursive virtual machines for advanced security mechanisms. Proceeding of the 41st IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W’11), Jun 27?30, 2011, Hong Kong, China. Piscataway, NJ, USA: IEEE, 2011: 117?122 11. Butt S, Lagar-Cavilla H A, Srivastava A, et al. Self-service cloud computing. Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS’12), Oct 16?18, 2012, Raleigh, NC, USA. New York, NY, USA: ACM, 2012: 253?264 12. Gu L, Vaynberg A, Ford B, et al. Certikos: a certified kernel for secure cloud computing. Proceedings of the 2nd ACM SIGOPS Asia-Pacific Workshop on Systems (APSys’11), Jul 11?12, 2011, Shanghai, China. New York, NY, USA: ACM, 2011: 5p 13. Bacon J, Eyers D, Pasquier T F J M, et al. Information flow control for secure cloud computing. IEEE Transactions on Network and Service Management, 2014, 11(1): 76?89 14. Ray I, Ray I. Trust-based access control for secure cloud computing. Han K J, Choi B Y, Song S. High Performance Cloud Auditing and Applications. New York, NY, USA: Springer, 2014: 189?213 15. Zhang S B, Xu C X, Long Y X. Study on terminal trusted model based on trusted computing. Proceeding of the 2011 International Conference on Internet Technology and Applications (iTAP’11), Aug 16?18, 2011, Wuhan, China. Piscataway, NJ, USA: IEEE, 2011: 4p 16. Rushby J. Noninterference, transitivity, and channel-control security policies. CSL-92-02, Menlo Park, CA, USA: Computer Science Laboratory, SRI International, 1992 17. Cabuk S, Dalton C I, Eriksson K, et al. Towards automated security policy enforcement in multi-tenant virtual data centers. Journal of Computer Security, 2010, 18: 89?121 18. Corradi A, Fanelli M, Foschini L. VM consolidation: A real case based on OpenStack cloud. Future Generation Computer Systems, 2014, 32: 118?127 19. Berger S, Cácere R, Goldman K A, et al. vTPM: virtualizing the trusted platform module. Proceeding of the 15th Conference on USENIX Security Symposium (SS’06), Jul 31?Aug 4, 2006, Vancouver, Canada. Berkeley, CA, USA: USENIX Association, 2006: 305?320 20. Eisenbarth T, Güneysu T, Paar C, et al. Reconfigurable trusted computing in hardware. Proceedings of the 2nd ACM Workshop on Scalable Trusted Computing (STC’07), Oct 29?Nov 2, 2007, Alexandria, VA, USA. New York, NY, USA: ACM, 2007: 15?20 21. Glas B, Klimm A, Sander O, et al. A system architecture for reconfigurable trusted platforms. Proceedings of the 2008 Design, Automation and Test in Europe Conference (DATE’08), Mar 10?14, 2008, Munich, Germany. Piscataway, NJ, USA: IEEE, 2008: 541?544 22. Sailer R, Zhang X L, Jaeger T, et al. Design and implementation of a TCG-based integrity measurement architecture. Proceeding of the USENIX Security Symposium, Aug 9?13, 2004, San Diego, CA, USA. Berkeley, CA, USA: USENIX Association, 2004: 223?238 23. Kühn U, Selhorst M, Stüble C. Realizing property-based attestation and sealing with commonly available hard-and software. Proceedings of the 2nd ACM Workshop on Scalable Trusted Computing (STC’07), Oct 29?Nov 2, 2007, Alexandria, VA, USA. New York, NY, USA: ACM, 2007: 50?57 24. Wallom D, Turilli M, Taylor G, et al. myTrustedCloud: trusted cloud infrastructure for security-critical computation and data management. Proceeding of the 3rd IEEE International Conference on Cloud Computing Technology and Science (CloudCom’11), Nov 29?Dec 1, 2011, Athens, Greece. Piscataway, NJ, USA: IEEE, 2011: 247?254 25. Zhang L, Chen X S, Liu L, et al. A kernel integrity protection technology based on virtual machine. Journal of University of Electronic Science and Technology of China, 2015, 44(1): 117?122 (in Chinese) 26. Zhang L, Chen X S, Liu L, et al. Virt-RSBAC: A novel framework to mitigate internal threat of cloud computing. Journal of Sichuan University: Engineering Science Edition, 2014, 46(6): 116?121 (in Chinese) 27. Chen L, Chen X S, Jiang J F, et al. Research and practice of dynamic network security architecture for IaaS platforms. Tsinghua Science and Technology, 2014, 19(5): 496?507 28. Ren Y, Chen X S, Zhang L, et al. A kind of rootkit detection and processing technology in virtual environment. Journal of Sichuan University: Engineering Science Edition, 2014, 46(Z2): 109?115 (in Chinese)

Trusted Domain Hierarchical Model Based on Noninterference Theory

Trusted Domain Hierarchical Model Based on Noninterference Theory

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 0

编辑推荐

Metrics

本文评价