A tiny hypervisor-based trusted geolocation framework with minimized TPM operations
Introduction
As mobile cloud computing becomes a new computing platform, the geographic location of cloud data is one of the major concerns of the cloud tenant due to data privacy and security. Sometimes a company’s rules to which users belong conflict with the law of countries where data centers are located. In addition, most of cloud users do not want their data to be stored in such countries of which the governments monitor data in data centers or through networks.
In order to resolve this concern, some cloud services provide geolocation services that cloud tenants can choose the geographic location of a data center in which their data are stored. For example, when creating a virtual machine (VM) instance in Amazon EC2, a cloud tenant can choose a desired region where the VM image is maintained. Microsoft has also published a document explaining the data location strategy (Microsoft, 2011) because securing data in cloud computing is a contractual issue (Rimal et al., 2009). This document explains the data location policy of Office 365 and the detailed region of the data created by Office 365.
A trust geolocation service requires mutual trust between service providers and cloud tenants about each other’s physical locations. From the tenant’s perspective, the cloud tenants should be able to acquire the trusted geolocations of cloud servers in the cloud provider domain. Even though the cloud providers provide several ways the cloud tenants can know the actual locations of cloud servers, it is difficult to trust the cloud server geolocation from the cloud provider. Bartock et al. (2015) have developed a proof-of-concept system to solve the suspiciousness of the cloud tenant.
Furthermore, some cloud services require the trusted location of cloud tenants’ devices. For example, Amazon delivers a cloud service for the US government, known as GovCloud, which guarantees that only cloud users from the US can access specific cloud services. If a cloud tenant attempts to access these cloud services from outside of the US, GovCloud does not allow this access. Another example is the location-based site license or security policy that a service is provided to users whose locations are inside of specific buildings or institutes.
The major problem of the latter is that the actual geolocation of cloud tenant devices can be easily manipulated. In general, an application requests the geolocation of a device to a GPS device driver. In this process, there are many vulnerable points to forge the current geolocation of the device, which implies that the trusted computing base (TCB) for the trusted geolocation is too large. (e.g., the GPS device driver, system call tables, libraries for device driver communication, etc.) Since a large TCB-based system has high probability of embedding bugs, a secure system should minimize the TCB. Recent related studies have been proposed in various levels of the TCB: application protocols (Luo and Hengartner, 2010), hypervisor with trusted operating system (OS) (Gilbert et al., 2010), hypervisor with virtual machines (Liu, Saroiu, Wolman, Raj, 2012, Colp, Nanavati, Zhu, Aiello, Coker, Deegan, Loscocco, Warfield, 2011), and hypervisor with additional software components like device drivers (Zhou, Gligor, Newsome, McCune, 2012, Cheng, Ding, Deng, 2011). In these approaches, the hypervisor plays a key role in isolating the TCB from untrusted software components that can compromise the current location of the cloud device. However, there is little work whose TCB is limited only to the hypervisor in order to minimize the TCB size , which is the main focus of this paper.
Park et al. in our earlier work (Park et al., 2015) have addressed the large TCB problem in a different way of using a tiny hypervisor. In this approach, a user device does not have a specific VM to handle the trusted geolocation. Instead, the tiny hypervisor directly obtains the current geolocation from a GPS and computes an evidence value for the trusted geolocation with the Trusted Platform Module (TPM). However, this approach has a practical limitation due to the low performance of TPM operations executed in the hypervisor, which makes the user device pause during the TPM operations. The system hang during the TPM operations is inevitable because the TPM does not have the cryptographic accelerator and is also connected with the host computer via a old-fashioned bus such as the low pin count bus.
To state this problem, we propose a novel system, TGVisor that guarantees the trusted geolocation of mobile cloud devices with minimized TPM operations. TGVisor is based on the hardware-assisted tiny hypervisor, Dynamic Root of Trust Management (DRTM), and the TPM. With the combination of these components, TGVisor delivers the trusted geolocation of the mobile cloud devices to the cloud provider. In addition, we design and implement a practical cloud computing service that shows the feasibility of our system.
The contributions of this paper are as follows: (1) we design the trusted geolocation system for cloud devices based on the tiny hypervisor, (2) we improve the performance of the attestation protocol by minimizing the use of the TPM operations, and (3) we implement the practical trusted geolocation-based cloud word processor integrated with TGVisor.
This paper is structured as follows. Section 2 describes the background and Section 3 defines the problem of this paper. Sections 4 and 5 describe how we design the trusted geolocation system. We explain the implementation of TGVisor and its evaluation in Sections 6 and 7, respectively. Several issues including attack analysis and possible applications are analyzed in Section 8. The related work is provided in Section 9, and we conclude this paper in Section 10.
Section snippets
TPM-based remote attestation
In order to trust outputs of a target system, there must be ways that a verifier can attest the TCB of the target system. Usually, the hash value of the TCB is used as a value for attestation. The verifier validates the attestation value from the target system by comparing it to the known hash value of the TCB. For the trustworthy verification, the attestation value should be managed in a secure way and be authenticated with cryptographic operations.
Systems embedding a TPM meet the above
Goal
The main goal of our paper is to provide the trusted geolocation value of cloud tenant devices to a cloud geolocation server. In this subsection, we present the detailed requirements needed to satisfy the goal.
- •
Guarantee of trusted geolocation of cloud tenant devices: Some cloud services such as GovCloud allow only users who live in a specific country or work in a specific building to use their services. However, there are many points where attackers can manipulate a geolocation value in the
Framework overview
Our framework uses TPM-based remote attestation and a hypervisor-based trusted geolocation module in order to achieve the research goal. Fig. 1 briefly shows how the proposed framework processes a geolocation value from the GPS in order to guarantee its trustworthiness.
Cloud tenants should install two proposed softwares, a tiny hypervisor, called TGVisor, and the Cloud Agent, in their devices. The hypervisor handles the geolocation value and performs TPM operations required for remote
Attestation protocol for trusted geolocation
The primary goal of the proposed protocol is to minimize the count of invoked TPM operations. On behalf of the minimized TPM operation, we divide the attestation protocol into two phases: session init phase and periodic attestation phase. In the session init phase, TGVisor generates a RSA key pair and sends the public part of the RSA key to the TGS along with an evidence value for the verification of the public key. The evidence value is computed with only two TPM operations,TPM_Quote2 and
Implementation
In this section, we describe the implementation details of the proposed framework including the tiny hypervisor and several components in a cloud device and a cloud app server. We also explain how to modify an open-source word processor to support the trusted geolocation-based service.
Field test of trusted geolocation-based cloud word processor
We performed a field test of the implemented word processor around a university area in order to show the practicality of TGVisor. A red solid rectangle in Fig. 5a shows a specific geofence in which access to cloud documents is allowed.
In the cloud provider domain, we installed the modified Etherpad server and the TGS into two virtual machines in a single host. In the cloud tenant device, we set up the Cloud Agent and TGVisor mentioned in the Section 6. After setting up the environment, we
Analysis on possible attacks
The primary goal of this paper is to provide a secure service about the trusted geolocation of cloud devices. In this subsection, we discuss possible attacks to TGVisor to compromise this goal and analyze how TGVisor counteracts them.
Pretending attack to be a hypervisor: Let us assume that a fake hypervisor is located inside a cloud device and tries to cheat the geolocation value of the cloud device. The fake hypervisor can run in either user or kernel mode in a host OS in the cloud device. In
Hypervisor security
Grid computing (e.g., GridLab (Allen et al., 2003)) and Service Oriented Architecture (SOA) are predecessors of cloud computing. The key difference between cloud computing and the predecessors is the extensive use of virtualization technology (Kyriazis et al., 2011) so that many researchers have focused on hypervisor security, the core software of virtualization technology as well as the basis of TGVisor. Perez-Botero et al. (2013) have classified hypervisor vulnerabilities of existing
Conclusion
The trusted geolocation for cloud devices is a necessary feature to solve the security concerns of cloud users about the data location in the cloud. In order for cloud providers to provide more reliable data location services, we present TGVisor, a novel trusted geolocation system for the cloud devices. Our approach leverages a tiny hypervisor and the TPM to establish a trusted path between a hypervisor in the cloud user devices and the TGS in the cloud provider domain. We also implement an
Acknowledgment
This work was primarily carried out during the first author’s visit to FRIENDS Laboratory at Purdue University.
Sungjin Park received the B.S. degree from Inha University in 2002 and the M.S. degree from POSTECH, South Korea in 2005. He is a senior researcher at the Attached Institute of Electronics and Telecommunications Research Institute (ETRI) and a Ph.D. candidate in Computer Science, KAIST, South Korea. His research interests include Cloud computing and system security.
References (41)
- et al.
Automated verification of selected equivalences for security protocols
J. Logic Algebraic Program.
(2008) - Adafruit Ultimate GPS Breakout, - 66 channel w/10 Hz updates - Version 3. http://www.adafruit.com/product/746....
- et al.
Enabling applications on the grid: a gridlab overview
Int. J. High Perform. Comput. Appl.
(2003) - AWS GovCloud,. (US) Region - Government Cloud Computing. http://aws.amazon.com/govcloud-us/. Accessed:...
- et al.
Trusted Geolocation in the Cloud: Proof of Concept Implementation
Nat. Instit. Stand. Technol. Internal Report 7904
(2015) Security implications of hardware vs. software cryptographic modules
(2002)- et al.
Geo-rbac: a spatially aware rbac
Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies
(2005) - et al.
The information visualizer, an information workspace
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
(1991) - et al.
A Practical Guide to Trusted Computing
(2007) - et al.
Security of the tcg privacy-ca solution
Embedded and Ubiquitous Computing (EUC), 2010 IEEE/IFIP 8th International Conference on
(2010)
Computer Security – ESORICS 2011: 16th European Symposium on Research in Computer Security, Leuven, Belgium, September 12–14,2011. Proceedings
Breaking up is hard to do: Security and functionality in a commodity hypervisor
Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Tee: a virtual drtm based execution environment for secure cloud-end computing
Proceedings of the 17th ACM Conference on Computer and Communications Security
Towards trustworthy participatory sensing
Proceedings of the 4th USENIX Conference on Hot Topics in Security
A drtm-based method for trusted network connection
2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications
Uni-directional trusted path: transaction confirmation on just one device
Proceedings of the 2011 IEEE/IFIP 41st International Conference on Dependable Systems&Networks
Toward trustworthy mobile sensing
Proceedings of the Eleventh Workshop on Mobile Computing Systems and Applications
Youprove: authenticity and fidelity in mobile sensing
Proceedings of the 9th ACM Conference on Embedded Networked Sensor Systems
Cited by (5)
GeoPGD: methodology for the design and development of geolocated pervasive games
2021, Universal Access in the Information SocietyDesign and implementation of trusted sensing framework for IoT environment
2021, Journal of Communications and NetworksResearch on the trusted protection technology of internet of things
2019, Cluster ComputingPrevention of data theft attacks in infrastructure as a service cloud through trusted computing
2019, International Journal of Innovative Technology and Exploring EngineeringA Fine-Grained Secure Service Provisioning Platform for Hypervisor Systems
2022, Electronics (Switzerland)
Sungjin Park received the B.S. degree from Inha University in 2002 and the M.S. degree from POSTECH, South Korea in 2005. He is a senior researcher at the Attached Institute of Electronics and Telecommunications Research Institute (ETRI) and a Ph.D. candidate in Computer Science, KAIST, South Korea. His research interests include Cloud computing and system security.
Jong-Jin Won received his M.S. and Ph.D. degrees in the Dept. of Computer Engineering from SungKyunKwan University, South Korea in 2000 and 2015, respectively. Since 2000, he has been working at the Attached Institute of Electronics and Telecommunications Research Institute (ETRI). His research interests include network and system security.
Jaenam Yoon received his M.S degree in information and Communications Engineering from KAIST, South Korea, in 2000. His research interests include system architecture, cloud networking and security.
Kyong Hoon Kim received his B.S., M.S., and Ph.D. degrees in Computer Science and Engineering from POSTECH, Korea, in 1998, 2000, 2005, respectively. Since 2007, he has been an associate professor at the Department of Informatics, Gyeongsang National University, Jinju, South Korea. From 2005 to 2007, he was a post-doctoral research fellow at CLOUDS lab in the Department of Computer Science and Software Engineering, the University of Melbourne, Australia. His research interests include real-time systems, Cloud computing, and security.
Taisook Han received his B.S. degree in electronic engineering from Seoul National University, South Korea in 1976, M.S. degree in computer science from KAIST, Korea in 1978, and Ph.D. degree in computer science from University of North Carolina at Chapel Hill, USA in 1990. He is currently a professor in School of Computing, KAIST. His current research interests include programming language theory, software safety, and verification of embedded systems.