Virtual TPM for a secure cloud: Fallacy or reality?

• Autores: Jordi Cucurull Juan, Sandra Guasch Castelló
• Localización: RECSI XIII: actas de la XIII Reunión Española sobre Criptología y Seguridad de la Información. Alicante, 2-5 de septiembre de 2014 / coord. por Rafael Álvarez Sánchez, Joan-Josep Climent Coloma, Francisco Ferrández Agulló, Francisco Martínez Pérez, Leandro Tortosa Grau, José F. Vicent Francés, Antonio Zamora Gómez, 2014, ISBN 978-84-9717-232-0, págs. 197-202
• Idioma: inglés
• Enlaces
  • Texto Completo Libro
• Resumen

  • The cloud technology has dramatically increased the virtualisation usage during the last years. Nevertheless, the virtualisation has also imposed some challenges on the security of the cloud. A remarkable case is in the usage of cryptographic hardware such as the Trusted Platform Module (TPM).

    A TPM is a device, physically attached to a server, that provides several cryptographic functionalities to offer a foundation of trust for the running software. Unfortunately, the virtualisation of the TPM to bring its security properties to virtual environments is not direct due to its design and security constraints.

    During the last years several proposals have been presented to solve the virtualisation of the TPM. Nevertheless, the virtualization systems have not started to adopt them until very recently.

    This paper reviews three existing implementations of virtual TPM in the Xen and QEMU virtualisation solutions. The main contribution of the paper is an analysis of these solutions from a security perspective.