How to Build Trust and Ensure Application Security with Cloud Service Providers?
Cloud computing is deployed and used at large scale across many industries; however, concerns about how cloud providers handle data hamper it. When data is stored and processed outside the company's premises, the company has less control over its infrastructure. Clients of a cloud service (CS) must therefore trust that the CS provider is able to prevent internal and external attacks on their data. This trust cannot be validated and verified by any external party; instead, it rests on the agreement between the organization and the CS provider.
Measures for building trust in the CS provider include enabling the CS client to verify the integrity of the host, i.e. the place where the virtual machine (VM) instance will run, and ensuring that the VM image has not been tampered with. Various tools can be used to verify the host before the VM instance is launched. This allows the CS client to make decisions about the storage and computation of data at runtime.
To tackle security and trust issues in public cloud computing environments, three components play an important role: trusted computing, virtualization technology, and cloud computing platforms. Virtualization technology has been around for a long time and is the basis on which cloud computing is realized. Trusted computing, a more recent industry trend, aims to implement trust in hardware components.
Trust and security issues in public cloud environments can be addressed by first inspecting the latest security technology used within cloud computing, and then addressing the trust issues that arise when launching a generic virtual machine in a public cloud environment.
There needs to be a reliable protocol that lets CS clients ensure and verify the integrity of the VM instance at launch time. The protocol should also ensure the integrity of the host where the VM instance is launched. It can use the Trusted Platform Module (TPM) for key generation, data protection, and integrity attestation of the VM instance host. The protocol can be implemented on the OpenStack cloud computing platform, and its application can be verified by building a prototype implementation using a distributed deployment of OpenStack. This would ensure the creation of a secure and trusted public cloud computing environment.
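The launch-time check described above can be sketched as follows. This is an added example, not code from the article or from OpenStack: the function names, the sample components and the key are constructed, and an HMAC under a shared demo key stands in for the signature a real TPM produces with its attestation key.

```python
import hashlib, hmac, os

def extend(pcr: bytes, measurement: bytes) -> bytes:
    # TPM-style PCR extend: new = SHA-256(old || SHA-256(measurement))
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

def measure_boot(components) -> bytes:
    pcr = bytes(32)  # a PCR starts at all zeros after reset
    for component in components:
        pcr = extend(pcr, component)
    return pcr

def host_quote(key: bytes, components, nonce: bytes):
    # Host side. ASSUMPTION: an HMAC under a shared demo key stands in for
    # the signature a real TPM makes with its attestation key.
    pcr = measure_boot(components)
    return pcr, hmac.new(key, nonce + pcr, hashlib.sha256).digest()

def verify_launch(key, nonce, quote, trusted_pcrs, image, trusted_digest):
    # Client side: decide whether to release the VM image to this host.
    pcr, sig = quote
    expected = hmac.new(key, nonce + pcr, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return False, "quote not fresh or not authentic"
    if pcr not in trusted_pcrs:
        return False, "host software stack not trusted"
    if not hmac.compare_digest(hashlib.sha256(image).digest(), trusted_digest):
        return False, "VM image tampered"
    return True, "launch allowed"

# Constructed sample data (not from any real deployment).
KEY = b"constructed-demo-key"
GOOD_STACK = [b"bootloader-1.0", b"hypervisor-1.0", b"compute-agent-1.0"]
BAD_STACK = [b"bootloader-1.0", b"hypervisor-1.0-patched", b"compute-agent-1.0"]
IMAGE = b"constructed VM image bytes"
TRUSTED_PCRS = {measure_boot(GOOD_STACK)}
TRUSTED_DIGEST = hashlib.sha256(IMAGE).digest()

def run_cases():
    n1, n2 = os.urandom(16), os.urandom(16)
    good = host_quote(KEY, GOOD_STACK, n1)
    check = lambda nonce, quote, image: verify_launch(
        KEY, nonce, quote, TRUSTED_PCRS, image, TRUSTED_DIGEST)
    return {
        "good host": check(n1, good, IMAGE),
        "modified host": check(n1, host_quote(KEY, BAD_STACK, n1), IMAGE),
        "replayed quote": check(n2, good, IMAGE),
        "modified image": check(n1, good, IMAGE + b"!"),
    }
```

Calling run_cases() returns the client's decision for a trusted host, a host with a changed software stack, a quote replayed against a new nonce, and a modified VM image; only the first is allowed to launch.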