Cryptography as a service in a cloud computing e ?· Cryptography as a service in a cloud computing…

Download Cryptography as a service in a cloud computing e ?· Cryptography as a service in a cloud computing…

Post on 27-Aug-2018

214 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • EINDHOVEN UNIVERSITY OF TECHNOLOGYDepartment of Mathematics and Computing Science

    MASTERS THESIS

    Cryptography as a servicein a cloud computing environment

    Hugo a.w. Ideler

    Eindhoven, December 2012

    Supervisors: Prof. dr. Milan PetkoviProf. dr.-ing. Ahmad-Reza Sadeghi

    Instructors: MSc. Sven BugielMSc. Stefan Nrnberger

    Eindhoven University of technologyCenter for Advanced Security Research Darmstadt (cased)

  • ii

  • Abstract

    Nowadays, a serious concern about cloud computing is theprotection of clients data and computations against variousattacks from the cloud providers side as well as outsiders.Moreover, cloud consumers are rather limited in implement-ing, deploying and controlling their own security solutionsin the cloud.In this thesis, we present a cloud architecture which en-

    ables cloud consumers to securely deploy and run virtualmachines in the cloud, in which the complete deploymentlifecycle is considered, and with a special focus on both themalicious insider as well as the external attacker. Our imple-mentation, which is based on the Xen hypervisor, revolvesaround three core modifications to the status quo.First, the clients cryptographic operations run in an

    isolated client-specific secure execution domain, protectedfrom cloud administrators and outside attackers havinggained access to a vms data. Second, we present a designthat guards the confidentiality and integrity of a users vmas a whole against the cloud administrator. This is achievedby enforcing stronger access control and by noninvasivemodifications to the Xen architecture. Third, we extendXen with a design for secure credentials provisioning byleveraging standard trusted computing technology, enablingcloud consumers to always be in control of the access to,and usage of, their cryptographic credentials in the cloud.

    We evaluate our implementation in a lab setup. In addi-tion, we perform rudimentary experiments in the ec2 publiccloud to the extend possible with the constraints imposedby the cloud provider.

    iii

  • Acknowledgements

    This thesis is the result of my graduation project at the Center for AdvancedSecurity Research Darmstadt (cased) in cooperation with the EindhovenUniversity of Technology.I wish to thank my supervisor from Darmstadt, prof. Ahmad-Reza Sadeghi,

    under whose supervision and guidance I was able to work on a highly interestingand intriguing topic. Furthermore, I am deeply grateful to my instructors, SvenBugiel and Stefan Nrnberger, on whom I could always rely during my monthsin Darmstadt to help me out with feedback and fruitful discussions. It was agreat pleasure for me to work with them.

    Finally, I expressly thank my Eindhoven supervisor, prof. Milan Petkovi, forgiving me the opportunity to do my masters thesis at a different universityand for his continuous support during the whole project.

    Hugo a.w. IdelerDarmstadt, GermanyDecember 2012

    iv

  • Contents

    Abstract iii

    Acknowledgements iv

    1. Introduction 1

    2. Background information 42.1. Introduction to virtualization . . . . . . . . . . . . . . . . . . . 4

    2.1.1. Virtualization technologies . . . . . . . . . . . . . . . . 52.1.2. Virtualization techniques . . . . . . . . . . . . . . . . . 62.1.3. Memory virtualization . . . . . . . . . . . . . . . . . . . 9

    2.2. Introduction to the Xen hypervisor . . . . . . . . . . . . . . . . 102.2.1. Virtual devices . . . . . . . . . . . . . . . . . . . . . . . 112.2.2. Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142.2.3. Xen security . . . . . . . . . . . . . . . . . . . . . . . . 15

    2.3. Introduction to trusted computing . . . . . . . . . . . . . . . . 172.3.1. Core concepts . . . . . . . . . . . . . . . . . . . . . . . . 172.3.2. Operations . . . . . . . . . . . . . . . . . . . . . . . . . 20

    3. Problem description 253.1. Attacker model . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

    3.1.1. Attack channels . . . . . . . . . . . . . . . . . . . . . . . 253.1.2. Assumptions . . . . . . . . . . . . . . . . . . . . . . . . 273.1.3. Adversaries . . . . . . . . . . . . . . . . . . . . . . . . . 28

    3.2. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293.2.1. Security objectives . . . . . . . . . . . . . . . . . . . . . 293.2.2. List of requirements . . . . . . . . . . . . . . . . . . . . 30

    4. Related work 314.1. Virtualizing the tpm . . . . . . . . . . . . . . . . . . . . . . . . 314.2. Property-based tpm virtualization . . . . . . . . . . . . . . . . 334.3. Disaggregating dom0 . . . . . . . . . . . . . . . . . . . . . . . . 354.4. The Xoar design . . . . . . . . . . . . . . . . . . . . . . . . . . 37

    v

  • Contents

    4.5. The nova microhypervisor . . . . . . . . . . . . . . . . . . . . 384.6. Cloud trust anchors . . . . . . . . . . . . . . . . . . . . . . . . 414.7. The Cloudvisor design . . . . . . . . . . . . . . . . . . . . . . . 424.8. Self-service cloud computing . . . . . . . . . . . . . . . . . . . . 44

    5. Architecture 465.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465.2. Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

    5.2.1. Cryptographic assistance domain . . . . . . . . . . . . . 485.2.2. Hypervisor access control . . . . . . . . . . . . . . . . . 495.2.3. Trusted domain builder . . . . . . . . . . . . . . . . . . 50

    5.3. Key provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . 515.3.1. The basic scheme . . . . . . . . . . . . . . . . . . . . . . 515.3.2. The cloud verifier scheme . . . . . . . . . . . . . . . . . 55

    6. Implementation 596.1. Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 596.2. Caas bootstrapping . . . . . . . . . . . . . . . . . . . . . . . . 61

    6.2.1. Initialization . . . . . . . . . . . . . . . . . . . . . . . . 616.2.2. Starting a vm . . . . . . . . . . . . . . . . . . . . . . . . 65

    7. Evaluations 697.1. Magnitude of the tcb . . . . . . . . . . . . . . . . . . . . . . . 697.2. Access control . . . . . . . . . . . . . . . . . . . . . . . . . . . . 717.3. Passthrough encryption . . . . . . . . . . . . . . . . . . . . . . 72

    7.3.1. Discussion of results . . . . . . . . . . . . . . . . . . . . 737.3.2. Measurement conclusions . . . . . . . . . . . . . . . . . 74

    7.4. Experiments in the public cloud . . . . . . . . . . . . . . . . . . 78

    8. Future work 80

    9. Conclusions 82

    A. Further introduction to Xen 84A.1. Xen components . . . . . . . . . . . . . . . . . . . . . . . . . . 84A.2. Mini-os . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

    B. Implementation details 89B.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89B.2. Data structures . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

    vi

  • Contents

    B.3. Deprivileged management domain . . . . . . . . . . . . . . . . 94B.3.1. The xsm framework . . . . . . . . . . . . . . . . . . . . 96B.3.2. The caas security module . . . . . . . . . . . . . . . . . 96

    B.4. Virtual filesystem driver . . . . . . . . . . . . . . . . . . . . . . 99B.4.1. The caas vfs bridge . . . . . . . . . . . . . . . . . . . . 99

    B.5. Domain builder port . . . . . . . . . . . . . . . . . . . . . . . . 101B.5.1. The caas domain builder . . . . . . . . . . . . . . . . . 102B.5.2. Inter-vm pipe . . . . . . . . . . . . . . . . . . . . . . . . 104

    B.6. Direct booting of domt in conjunction with dom0 . . . . . . . 105B.6.1. Tboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105B.6.2. Direct booting of domt . . . . . . . . . . . . . . . . . . 106

    B.7. Trusted platform module driver . . . . . . . . . . . . . . . . . . 108B.8. Passthrough encryption . . . . . . . . . . . . . . . . . . . . . . 108

    B.8.1. Cryptography . . . . . . . . . . . . . . . . . . . . . . . . 110B.8.2. Domc back-end driver . . . . . . . . . . . . . . . . . . . 112B.8.3. Applying passthrough encryption . . . . . . . . . . . . . 112

    B.9. vtpms and pv-tgrub . . . . . . . . . . . . . . . . . . . . . . . 114B.10.Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115

    B.10.1.User vm deployment tool . . . . . . . . . . . . . . . . . 115

    C. Details on the use of TBoot 117

    D. Xenstore device handshaking 120

    E. Xenstore security 122

    F. Xen hypercalls 123

    G. XSM hooks 133

    Bibliography 135

    Acronyms 143

    Index of symbols and identifiers 146

    Index of concepts 151

    vii

  • List of Figures

    2.1. Schematic virtualization overview with hypervisor categories . . 52.2. Protection rings in native and paravirtualized environments . . 82.3. The three layers of memory virtualization . . . . . . . . . . . . 92.4. A typical Xen setup . . . . . . . . . . . . . . . . . . . . . . . . 122.5. Schematic tpm overview . . . . . . . . . . . . . . . . . . . . . . 172.6. Chain of trust in an authenticated boot . . . . . . . . . . . . . 18

    3.1. Attack channels . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

    4.1. Virtualized tpm architecture . . . . . . . . . . . . . . . . . . . 324.2. Virtualized property-based tpm . . . . . . . . . . . . . . . . . . 344.3. Domain builder overview . . . . . . . . . . . . . . . . . . . . . . 364.4. Overview of various trusted computing bases . . . . . . . . . . 384.5. Nova architecture . . . . . . . . . . . . . . . . . . . . . . . . . 394.6. The cloud verifier design . . . . . . . . . . . . . . . . . . . . . . 41

    5.1. Example of segregating and isolating keys . . . . . . . . . . . . 475.2. The chicken-and-egg problem with key deployment . . . . . . . 475.3. High-level overview of the caas architecture . . . . . . . . . . . 495.4. Tpm interactions in

Recommended

View more >