Experiences in Trusted Cloud Computing

While trusted computing is a well-known technology, its role has been relatively limited in scope and typically limited to single machines. The advent of cloud computing, its role as critical infrastructure and the requirement for trust between the users of computing resources combines to form a perfect environment for trusted and high-integrity computing. Indeed, the use of trusted computing is an enabling technology over nearly all 'cyber' areas: secure supply chain management, privacy and critical data protection, data sovereignty, cyber defense, legal etc. To achieve this, we must fundamentally redefine what we mean by trusted and high-integrity computing. We are required to go beyond boot-time trust and rethink notions of run-time trust, partial trust, how systems are constructed, the trust between management and operations, compute and storage infrastructure and the dynamic provisioning of services by external parties. While attestation technologies, so-called run-time trust and virtualized TPM are being brought to the fore, adopting these does not solve any of the fundamental problems of trust in the cloud.