Elsevier

Journal of Systems and Software

Volume 122, December 2016, Pages 202-214
Journal of Systems and Software

A tiny hypervisor-based trusted geolocation framework with minimized TPM operations

https://doi.org/10.1016/j.jss.2016.09.026Get rights and content

Highlights

  • Trusted geolocation system for cloud devices on a tiny hypervisor.

  • Performance improvement of the attestation protocol for the trusted geolocation.

  • Implementation of a practical trusted geolocation-based cloud service.

Abstract

Geographic locations of user devices are widely used to provide rich user experience in various environments such as proximity-based marketing, travel information, and cloud computing. Especially, cloud service providers require to utilize actual cloud user’s locations in location-based cloud services like Amazon GovCloud. However, it is not trivial to obtain the trusted geolocations of the user devices because there are many points for attackers to forge the current geolocations of the cloud user devices.

In order to solve this security issue, we propose a novel trusted geolocation framework for the cloud user device. The primary mechanism of the proposed framework is to deliver a trusted channel between a geolocation server and a tiny hypervisor in each mobile client. We leverage the Trusted Platform Module and dynamic root of trust measurement to securely attest the geolocations of the cloud devices. To show the feasibility of the proposed framework, we port Etherpad, a cloud word processor, into the trusted geolocation-based cloud service. We also evaluate the performance overhead of our framework in the cloud device and show that it causes only 8.3% overhead in JavaScript benchmark, which indicates the practicality of the proposed framework.

Introduction

As mobile cloud computing becomes a new computing platform, the geographic location of cloud data is one of the major concerns of the cloud tenant due to data privacy and security. Sometimes a company’s rules to which users belong conflict with the law of countries where data centers are located. In addition, most of cloud users do not want their data to be stored in such countries of which the governments monitor data in data centers or through networks.

In order to resolve this concern, some cloud services provide geolocation services that cloud tenants can choose the geographic location of a data center in which their data are stored. For example, when creating a virtual machine (VM) instance in Amazon EC2, a cloud tenant can choose a desired region where the VM image is maintained. Microsoft has also published a document explaining the data location strategy (Microsoft, 2011) because securing data in cloud computing is a contractual issue (Rimal et al., 2009). This document explains the data location policy of Office 365 and the detailed region of the data created by Office 365.

A trust geolocation service requires mutual trust between service providers and cloud tenants about each other’s physical locations. From the tenant’s perspective, the cloud tenants should be able to acquire the trusted geolocations of cloud servers in the cloud provider domain. Even though the cloud providers provide several ways the cloud tenants can know the actual locations of cloud servers, it is difficult to trust the cloud server geolocation from the cloud provider. Bartock et al. (2015) have developed a proof-of-concept system to solve the suspiciousness of the cloud tenant.

Furthermore, some cloud services require the trusted location of cloud tenants’ devices. For example, Amazon delivers a cloud service for the US government, known as GovCloud, which guarantees that only cloud users from the US can access specific cloud services. If a cloud tenant attempts to access these cloud services from outside of the US, GovCloud does not allow this access. Another example is the location-based site license or security policy that a service is provided to users whose locations are inside of specific buildings or institutes.

The major problem of the latter is that the actual geolocation of cloud tenant devices can be easily manipulated. In general, an application requests the geolocation of a device to a GPS device driver. In this process, there are many vulnerable points to forge the current geolocation of the device, which implies that the trusted computing base (TCB) for the trusted geolocation is too large. (e.g., the GPS device driver, system call tables, libraries for device driver communication, etc.) Since a large TCB-based system has high probability of embedding bugs, a secure system should minimize the TCB. Recent related studies have been proposed in various levels of the TCB: application protocols (Luo and Hengartner, 2010), hypervisor with trusted operating system (OS) (Gilbert et al., 2010), hypervisor with virtual machines (Liu, Saroiu, Wolman, Raj, 2012, Colp, Nanavati, Zhu, Aiello, Coker, Deegan, Loscocco, Warfield, 2011), and hypervisor with additional software components like device drivers (Zhou, Gligor, Newsome, McCune, 2012, Cheng, Ding, Deng, 2011). In these approaches, the hypervisor plays a key role in isolating the TCB from untrusted software components that can compromise the current location of the cloud device. However, there is little work whose TCB is limited only to the hypervisor in order to minimize the TCB size , which is the main focus of this paper.

Park et al. in our earlier work (Park et al., 2015) have addressed the large TCB problem in a different way of using a tiny hypervisor. In this approach, a user device does not have a specific VM to handle the trusted geolocation. Instead, the tiny hypervisor directly obtains the current geolocation from a GPS and computes an evidence value for the trusted geolocation with the Trusted Platform Module (TPM). However, this approach has a practical limitation due to the low performance of TPM operations executed in the hypervisor, which makes the user device pause during the TPM operations. The system hang during the TPM operations is inevitable because the TPM does not have the cryptographic accelerator and is also connected with the host computer via a old-fashioned bus such as the low pin count bus.

To state this problem, we propose a novel system, TGVisor that guarantees the trusted geolocation of mobile cloud devices with minimized TPM operations. TGVisor is based on the hardware-assisted tiny hypervisor, Dynamic Root of Trust Management (DRTM), and the TPM. With the combination of these components, TGVisor delivers the trusted geolocation of the mobile cloud devices to the cloud provider. In addition, we design and implement a practical cloud computing service that shows the feasibility of our system.

The contributions of this paper are as follows: (1) we design the trusted geolocation system for cloud devices based on the tiny hypervisor, (2) we improve the performance of the attestation protocol by minimizing the use of the TPM operations, and (3) we implement the practical trusted geolocation-based cloud word processor integrated with TGVisor.

This paper is structured as follows. Section 2 describes the background and Section 3 defines the problem of this paper. Sections 4 and 5 describe how we design the trusted geolocation system. We explain the implementation of TGVisor and its evaluation in Sections 6 and 7, respectively. Several issues including attack analysis and possible applications are analyzed in Section 8. The related work is provided in Section 9, and we conclude this paper in Section 10.

Section snippets

TPM-based remote attestation

In order to trust outputs of a target system, there must be ways that a verifier can attest the TCB of the target system. Usually, the hash value of the TCB is used as a value for attestation. The verifier validates the attestation value from the target system by comparing it to the known hash value of the TCB. For the trustworthy verification, the attestation value should be managed in a secure way and be authenticated with cryptographic operations.

Systems embedding a TPM meet the above

Goal

The main goal of our paper is to provide the trusted geolocation value of cloud tenant devices to a cloud geolocation server. In this subsection, we present the detailed requirements needed to satisfy the goal.

  • Guarantee of trusted geolocation of cloud tenant devices: Some cloud services such as GovCloud allow only users who live in a specific country or work in a specific building to use their services. However, there are many points where attackers can manipulate a geolocation value in the

Framework overview

Our framework uses TPM-based remote attestation and a hypervisor-based trusted geolocation module in order to achieve the research goal. Fig. 1 briefly shows how the proposed framework processes a geolocation value from the GPS in order to guarantee its trustworthiness.

Cloud tenants should install two proposed softwares, a tiny hypervisor, called TGVisor, and the Cloud Agent, in their devices. The hypervisor handles the geolocation value and performs TPM operations required for remote

Attestation protocol for trusted geolocation

The primary goal of the proposed protocol is to minimize the count of invoked TPM operations. On behalf of the minimized TPM operation, we divide the attestation protocol into two phases: session init phase and periodic attestation phase. In the session init phase, TGVisor generates a RSA key pair and sends the public part of the RSA key to the TGS along with an evidence value for the verification of the public key. The evidence value is computed with only two TPM operations,TPM_Quote2 and

Implementation

In this section, we describe the implementation details of the proposed framework including the tiny hypervisor and several components in a cloud device and a cloud app server. We also explain how to modify an open-source word processor to support the trusted geolocation-based service.

Field test of trusted geolocation-based cloud word processor

We performed a field test of the implemented word processor around a university area in order to show the practicality of TGVisor. A red solid rectangle in Fig. 5a shows a specific geofence in which access to cloud documents is allowed.

In the cloud provider domain, we installed the modified Etherpad server and the TGS into two virtual machines in a single host. In the cloud tenant device, we set up the Cloud Agent and TGVisor mentioned in the Section 6. After setting up the environment, we

Analysis on possible attacks

The primary goal of this paper is to provide a secure service about the trusted geolocation of cloud devices. In this subsection, we discuss possible attacks to TGVisor to compromise this goal and analyze how TGVisor counteracts them.

Pretending attack to be a hypervisor: Let us assume that a fake hypervisor is located inside a cloud device and tries to cheat the geolocation value of the cloud device. The fake hypervisor can run in either user or kernel mode in a host OS in the cloud device. In

Hypervisor security

Grid computing (e.g., GridLab (Allen et al., 2003)) and Service Oriented Architecture (SOA) are predecessors of cloud computing. The key difference between cloud computing and the predecessors is the extensive use of virtualization technology (Kyriazis et al., 2011) so that many researchers have focused on hypervisor security, the core software of virtualization technology as well as the basis of TGVisor. Perez-Botero et al. (2013) have classified hypervisor vulnerabilities of existing

Conclusion

The trusted geolocation for cloud devices is a necessary feature to solve the security concerns of cloud users about the data location in the cloud. In order for cloud providers to provide more reliable data location services, we present TGVisor, a novel trusted geolocation system for the cloud devices. Our approach leverages a tiny hypervisor and the TPM to establish a trusted path between a hypervisor in the cloud user devices and the TGS in the cloud provider domain. We also implement an

Acknowledgment

This work was primarily carried out during the first author’s visit to FRIENDS Laboratory at Purdue University.

Sungjin Park received the B.S. degree from Inha University in 2002 and the M.S. degree from POSTECH, South Korea in 2005. He is a senior researcher at the Attached Institute of Electronics and Telecommunications Research Institute (ETRI) and a Ph.D. candidate in Computer Science, KAIST, South Korea. His research interests include Cloud computing and system security.

References (41)

  • B. Blanchet et al.

    Automated verification of selected equivalences for security protocols

    J. Logic Algebraic Program.

    (2008)
  • Adafruit Ultimate GPS Breakout, - 66 channel w/10 Hz updates - Version 3. http://www.adafruit.com/product/746....
  • G. Allen et al.

    Enabling applications on the grid: a gridlab overview

    Int. J. High Perform. Comput. Appl.

    (2003)
  • AWS GovCloud,. (US) Region - Government Cloud Computing. http://aws.amazon.com/govcloud-us/. Accessed:...
  • M. Bartock et al.

    Trusted Geolocation in the Cloud: Proof of Concept Implementation

    Nat. Instit. Stand. Technol. Internal Report 7904

    (2015)
  • H. Bar-El

    Security implications of hardware vs. software cryptographic modules

    (2002)
  • E. Bertino et al.

    Geo-rbac: a spatially aware rbac

    Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies

    (2005)
  • S.K. Card et al.

    The information visualizer, an information workspace

    Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

    (1991)
  • D. Challener et al.

    A Practical Guide to Trusted Computing

    (2007)
  • L. Chen et al.

    Security of the tcg privacy-ca solution

    Embedded and Ubiquitous Computing (EUC), 2010 IEEE/IFIP 8th International Conference on

    (2010)
  • Y. Cheng et al.

    Computer Security – ESORICS 2011: 16th European Symposium on Research in Computer Security, Leuven, Belgium, September 12–14,2011. Proceedings

    (2011)
  • CLOC, Count Lines of Code. http://cloc.sourceforge.net. Accessed:...
  • P. Colp et al.

    Breaking up is hard to do: Security and functionality in a commodity hypervisor

    Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles

    (2011)
  • W. Dai et al.

    Tee: a virtual drtm based execution environment for secure cloud-end computing

    Proceedings of the 17th ACM Conference on Computer and Communications Security

    (2010)
  • A. Dua et al.

    Towards trustworthy participatory sensing

    Proceedings of the 4th USENIX Conference on Hot Topics in Security

    (2009)
  • ENISA (European Union Agency for Network and Information Security), 2014. Algorithms, key size and parameters report...
  • W. Feng et al.

    A drtm-based method for trusted network connection

    2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications

    (2011)
  • A. Filyanov et al.

    Uni-directional trusted path: transaction confirmation on just one device

    Proceedings of the 2011 IEEE/IFIP 41st International Conference on Dependable Systems&Networks

    (2011)
  • P. Gilbert et al.

    Toward trustworthy mobile sensing

    Proceedings of the Eleventh Workshop on Mobile Computing Systems and Applications

    (2010)
  • P. Gilbert et al.

    Youprove: authenticity and fidelity in mobile sensing

    Proceedings of the 9th ACM Conference on Embedded Networked Sensor Systems

    (2011)
  • Sungjin Park received the B.S. degree from Inha University in 2002 and the M.S. degree from POSTECH, South Korea in 2005. He is a senior researcher at the Attached Institute of Electronics and Telecommunications Research Institute (ETRI) and a Ph.D. candidate in Computer Science, KAIST, South Korea. His research interests include Cloud computing and system security.

    Jong-Jin Won received his M.S. and Ph.D. degrees in the Dept. of Computer Engineering from SungKyunKwan University, South Korea in 2000 and 2015, respectively. Since 2000, he has been working at the Attached Institute of Electronics and Telecommunications Research Institute (ETRI). His research interests include network and system security.

    Jaenam Yoon received his M.S degree in information and Communications Engineering from KAIST, South Korea, in 2000. His research interests include system architecture, cloud networking and security.

    Kyong Hoon Kim received his B.S., M.S., and Ph.D. degrees in Computer Science and Engineering from POSTECH, Korea, in 1998, 2000, 2005, respectively. Since 2007, he has been an associate professor at the Department of Informatics, Gyeongsang National University, Jinju, South Korea. From 2005 to 2007, he was a post-doctoral research fellow at CLOUDS lab in the Department of Computer Science and Software Engineering, the University of Melbourne, Australia. His research interests include real-time systems, Cloud computing, and security.

    Taisook Han received his B.S. degree in electronic engineering from Seoul National University, South Korea in 1976, M.S. degree in computer science from KAIST, Korea in 1978, and Ph.D. degree in computer science from University of North Carolina at Chapel Hill, USA in 1990. He is currently a professor in School of Computing, KAIST. His current research interests include programming language theory, software safety, and verification of embedded systems.

    View full text