Opportunities in using a secure element to increase confidence in cloud security monitoring

Teemu Kanstrén, Sami Lehtonen, Hilkka Kukkohovi

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

2 Citations (Scopus)

Abstract

In this paper we discuss applications of a secure element (SE) such as trusted platform module (TPM) for increasing confidence in cloud security monitoring from the cloud customer viewpoint. Monitoring security of cloud-based systems is similar in many ways to traditional in-house networks, but with the difference that the actual hardware is hosted by an external party and not under our control. This provides some unique challenges and opportunities for security monitoring. We discuss these challenges, identify related opportunities for SE use, and use these to present solutions to the identified challenges. This is based on three different use cases identified together with our industry partners. These are the monitoring of elements of the host infrastructure, monitoring our virtualized guest instances running on this infrastructure, and collecting and archiving log data for later external auditing of the cloud customer services. For each of these, we describe the problem area and different ways we have applied a TPM to increase trust and visibility.
Original languageEnglish
Title of host publicationCloud Computing (CLOUD), 2015 IEEE 8th International Conference on
PublisherInstitute of Electrical and Electronic Engineers IEEE
Pages1093 - 1098
ISBN (Electronic)978-1-4673-7286-2, 978-1-4673-7287-9
DOIs
Publication statusPublished - 20 Aug 2015
MoE publication typeA4 Article in a conference publication
EventIEEE 8th International Conference on Cloud Computing - New York, United States
Duration: 27 Jun 20152 Jul 2015
Conference number: 8

Conference

ConferenceIEEE 8th International Conference on Cloud Computing
Abbreviated titleCLOUD
CountryUnited States
CityNew York
Period27/06/152/07/15

Fingerprint

Monitoring
Visibility
Hardware
Industry
Hardware security

Keywords

  • cloud computing
  • cryptography
  • monitoring
  • probes
  • virtual machining

Cite this

Kanstrén, T., Lehtonen, S., & Kukkohovi, H. (2015). Opportunities in using a secure element to increase confidence in cloud security monitoring. In Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on (pp. 1093 - 1098). Institute of Electrical and Electronic Engineers IEEE. https://doi.org/10.1109/CLOUD.2015.159
Kanstrén, Teemu ; Lehtonen, Sami ; Kukkohovi, Hilkka. / Opportunities in using a secure element to increase confidence in cloud security monitoring. Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on. Institute of Electrical and Electronic Engineers IEEE, 2015. pp. 1093 - 1098
@inproceedings{f9e1f3978e884b5dacb48f65376b7725,
title = "Opportunities in using a secure element to increase confidence in cloud security monitoring",
abstract = "In this paper we discuss applications of a secure element (SE) such as trusted platform module (TPM) for increasing confidence in cloud security monitoring from the cloud customer viewpoint. Monitoring security of cloud-based systems is similar in many ways to traditional in-house networks, but with the difference that the actual hardware is hosted by an external party and not under our control. This provides some unique challenges and opportunities for security monitoring. We discuss these challenges, identify related opportunities for SE use, and use these to present solutions to the identified challenges. This is based on three different use cases identified together with our industry partners. These are the monitoring of elements of the host infrastructure, monitoring our virtualized guest instances running on this infrastructure, and collecting and archiving log data for later external auditing of the cloud customer services. For each of these, we describe the problem area and different ways we have applied a TPM to increase trust and visibility.",
keywords = "cloud computing, cryptography, monitoring, probes, virtual machining",
author = "Teemu Kanstr{\'e}n and Sami Lehtonen and Hilkka Kukkohovi",
year = "2015",
month = "8",
day = "20",
doi = "10.1109/CLOUD.2015.159",
language = "English",
pages = "1093 -- 1098",
booktitle = "Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on",
publisher = "Institute of Electrical and Electronic Engineers IEEE",
address = "United States",

}

Kanstrén, T, Lehtonen, S & Kukkohovi, H 2015, Opportunities in using a secure element to increase confidence in cloud security monitoring. in Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on. Institute of Electrical and Electronic Engineers IEEE, pp. 1093 - 1098, IEEE 8th International Conference on Cloud Computing, New York, United States, 27/06/15. https://doi.org/10.1109/CLOUD.2015.159

Opportunities in using a secure element to increase confidence in cloud security monitoring. / Kanstrén, Teemu; Lehtonen, Sami; Kukkohovi, Hilkka.

Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on. Institute of Electrical and Electronic Engineers IEEE, 2015. p. 1093 - 1098.

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

TY - GEN

T1 - Opportunities in using a secure element to increase confidence in cloud security monitoring

AU - Kanstrén, Teemu

AU - Lehtonen, Sami

AU - Kukkohovi, Hilkka

PY - 2015/8/20

Y1 - 2015/8/20

N2 - In this paper we discuss applications of a secure element (SE) such as trusted platform module (TPM) for increasing confidence in cloud security monitoring from the cloud customer viewpoint. Monitoring security of cloud-based systems is similar in many ways to traditional in-house networks, but with the difference that the actual hardware is hosted by an external party and not under our control. This provides some unique challenges and opportunities for security monitoring. We discuss these challenges, identify related opportunities for SE use, and use these to present solutions to the identified challenges. This is based on three different use cases identified together with our industry partners. These are the monitoring of elements of the host infrastructure, monitoring our virtualized guest instances running on this infrastructure, and collecting and archiving log data for later external auditing of the cloud customer services. For each of these, we describe the problem area and different ways we have applied a TPM to increase trust and visibility.

AB - In this paper we discuss applications of a secure element (SE) such as trusted platform module (TPM) for increasing confidence in cloud security monitoring from the cloud customer viewpoint. Monitoring security of cloud-based systems is similar in many ways to traditional in-house networks, but with the difference that the actual hardware is hosted by an external party and not under our control. This provides some unique challenges and opportunities for security monitoring. We discuss these challenges, identify related opportunities for SE use, and use these to present solutions to the identified challenges. This is based on three different use cases identified together with our industry partners. These are the monitoring of elements of the host infrastructure, monitoring our virtualized guest instances running on this infrastructure, and collecting and archiving log data for later external auditing of the cloud customer services. For each of these, we describe the problem area and different ways we have applied a TPM to increase trust and visibility.

KW - cloud computing

KW - cryptography

KW - monitoring

KW - probes

KW - virtual machining

U2 - 10.1109/CLOUD.2015.159

DO - 10.1109/CLOUD.2015.159

M3 - Conference article in proceedings

SP - 1093

EP - 1098

BT - Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on

PB - Institute of Electrical and Electronic Engineers IEEE

ER -

Kanstrén T, Lehtonen S, Kukkohovi H. Opportunities in using a secure element to increase confidence in cloud security monitoring. In Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on. Institute of Electrical and Electronic Engineers IEEE. 2015. p. 1093 - 1098 https://doi.org/10.1109/CLOUD.2015.159