9 Clouds Chains of Trust

This chapter establishes a foundation framework which draws a roadmap for addressing the first two challenges discussed in Chapter 7; that is, developing the effective chain of trust functions and the dynamicity aware protocols. The framework addresses the question of how an entity could establish trust in a composition of multiple entities which could change dynamically. The chapter also discusses how users could assess the Cloud's trustworthiness without the need to get involved in the complex technical details of the Cloud.

9.1 Introduction

Establishing trust between remote entities is an important subject which has been widely discussed in academia and industry. The most commonly known solution attempting to address this problem, which has been adopted by the industry, is that proposed as part of the TCG specifications (known as remote attestation) [1–3]. Establishing remote attestation in Clouds is critical for their success. However, remote attestation as proposed by the TCG is impractical in the Cloud due to Clouds’ complexity and dynamism. This chapter clarifies this important subject, and presents a method which helps in providing remote attestation in the context of the Clouds environment.

Establishing trust in the Cloud infrastructure is an important subject that is yet to receive adequate attention from both academia and industry [4–7]. There are a number of techniques that enable one party to establish trust in an unknown entity: direct ...

Get Cloud Management and Security now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.