Opportunities in using a secure element to increase confidence in cloud security monitoring

Teemu Kanstrén, Sami Lehtonen, Hilkka Kukkohovi

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    2 Citations (Scopus)

    Abstract

    In this paper we discuss applications of a secure element (SE) such as trusted platform module (TPM) for increasing confidence in cloud security monitoring from the cloud customer viewpoint. Monitoring security of cloud-based systems is similar in many ways to traditional in-house networks, but with the difference that the actual hardware is hosted by an external party and not under our control. This provides some unique challenges and opportunities for security monitoring. We discuss these challenges, identify related opportunities for SE use, and use these to present solutions to the identified challenges. This is based on three different use cases identified together with our industry partners. These are the monitoring of elements of the host infrastructure, monitoring our virtualized guest instances running on this infrastructure, and collecting and archiving log data for later external auditing of the cloud customer services. For each of these, we describe the problem area and different ways we have applied a TPM to increase trust and visibility.
    Original languageEnglish
    Title of host publicationCloud Computing (CLOUD), 2015 IEEE 8th International Conference on
    PublisherIEEE Institute of Electrical and Electronic Engineers
    Pages1093 - 1098
    ISBN (Electronic)978-1-4673-7286-2, 978-1-4673-7287-9
    DOIs
    Publication statusPublished - 20 Aug 2015
    MoE publication typeA4 Article in a conference publication
    EventIEEE 8th International Conference on Cloud Computing - New York, United States
    Duration: 27 Jun 20152 Jul 2015
    Conference number: 8

    Conference

    ConferenceIEEE 8th International Conference on Cloud Computing
    Abbreviated titleCLOUD
    CountryUnited States
    CityNew York
    Period27/06/152/07/15

    Fingerprint

    Monitoring
    Visibility
    Hardware
    Industry
    Hardware security

    Keywords

    • cloud computing
    • cryptography
    • monitoring
    • probes
    • virtual machining

    Cite this

    Kanstrén, T., Lehtonen, S., & Kukkohovi, H. (2015). Opportunities in using a secure element to increase confidence in cloud security monitoring. In Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on (pp. 1093 - 1098). IEEE Institute of Electrical and Electronic Engineers . https://doi.org/10.1109/CLOUD.2015.159
    Kanstrén, Teemu ; Lehtonen, Sami ; Kukkohovi, Hilkka. / Opportunities in using a secure element to increase confidence in cloud security monitoring. Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on. IEEE Institute of Electrical and Electronic Engineers , 2015. pp. 1093 - 1098
    @inproceedings{f9e1f3978e884b5dacb48f65376b7725,
    title = "Opportunities in using a secure element to increase confidence in cloud security monitoring",
    abstract = "In this paper we discuss applications of a secure element (SE) such as trusted platform module (TPM) for increasing confidence in cloud security monitoring from the cloud customer viewpoint. Monitoring security of cloud-based systems is similar in many ways to traditional in-house networks, but with the difference that the actual hardware is hosted by an external party and not under our control. This provides some unique challenges and opportunities for security monitoring. We discuss these challenges, identify related opportunities for SE use, and use these to present solutions to the identified challenges. This is based on three different use cases identified together with our industry partners. These are the monitoring of elements of the host infrastructure, monitoring our virtualized guest instances running on this infrastructure, and collecting and archiving log data for later external auditing of the cloud customer services. For each of these, we describe the problem area and different ways we have applied a TPM to increase trust and visibility.",
    keywords = "cloud computing, cryptography, monitoring, probes, virtual machining",
    author = "Teemu Kanstr{\'e}n and Sami Lehtonen and Hilkka Kukkohovi",
    year = "2015",
    month = "8",
    day = "20",
    doi = "10.1109/CLOUD.2015.159",
    language = "English",
    pages = "1093 -- 1098",
    booktitle = "Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on",
    publisher = "IEEE Institute of Electrical and Electronic Engineers",
    address = "United States",

    }

    Kanstrén, T, Lehtonen, S & Kukkohovi, H 2015, Opportunities in using a secure element to increase confidence in cloud security monitoring. in Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on. IEEE Institute of Electrical and Electronic Engineers , pp. 1093 - 1098, IEEE 8th International Conference on Cloud Computing, New York, United States, 27/06/15. https://doi.org/10.1109/CLOUD.2015.159

    Opportunities in using a secure element to increase confidence in cloud security monitoring. / Kanstrén, Teemu; Lehtonen, Sami; Kukkohovi, Hilkka.

    Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on. IEEE Institute of Electrical and Electronic Engineers , 2015. p. 1093 - 1098.

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    TY - GEN

    T1 - Opportunities in using a secure element to increase confidence in cloud security monitoring

    AU - Kanstrén, Teemu

    AU - Lehtonen, Sami

    AU - Kukkohovi, Hilkka

    PY - 2015/8/20

    Y1 - 2015/8/20

    N2 - In this paper we discuss applications of a secure element (SE) such as trusted platform module (TPM) for increasing confidence in cloud security monitoring from the cloud customer viewpoint. Monitoring security of cloud-based systems is similar in many ways to traditional in-house networks, but with the difference that the actual hardware is hosted by an external party and not under our control. This provides some unique challenges and opportunities for security monitoring. We discuss these challenges, identify related opportunities for SE use, and use these to present solutions to the identified challenges. This is based on three different use cases identified together with our industry partners. These are the monitoring of elements of the host infrastructure, monitoring our virtualized guest instances running on this infrastructure, and collecting and archiving log data for later external auditing of the cloud customer services. For each of these, we describe the problem area and different ways we have applied a TPM to increase trust and visibility.

    AB - In this paper we discuss applications of a secure element (SE) such as trusted platform module (TPM) for increasing confidence in cloud security monitoring from the cloud customer viewpoint. Monitoring security of cloud-based systems is similar in many ways to traditional in-house networks, but with the difference that the actual hardware is hosted by an external party and not under our control. This provides some unique challenges and opportunities for security monitoring. We discuss these challenges, identify related opportunities for SE use, and use these to present solutions to the identified challenges. This is based on three different use cases identified together with our industry partners. These are the monitoring of elements of the host infrastructure, monitoring our virtualized guest instances running on this infrastructure, and collecting and archiving log data for later external auditing of the cloud customer services. For each of these, we describe the problem area and different ways we have applied a TPM to increase trust and visibility.

    KW - cloud computing

    KW - cryptography

    KW - monitoring

    KW - probes

    KW - virtual machining

    U2 - 10.1109/CLOUD.2015.159

    DO - 10.1109/CLOUD.2015.159

    M3 - Conference article in proceedings

    SP - 1093

    EP - 1098

    BT - Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on

    PB - IEEE Institute of Electrical and Electronic Engineers

    ER -

    Kanstrén T, Lehtonen S, Kukkohovi H. Opportunities in using a secure element to increase confidence in cloud security monitoring. In Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on. IEEE Institute of Electrical and Electronic Engineers . 2015. p. 1093 - 1098 https://doi.org/10.1109/CLOUD.2015.159