ArmoredSoftware: Trust in the cloud

Abstract

ArmoredSoftware is a new approach for establishing and maintaining trust among software systems operating in a cloud computing environment. Using remote attestation techniques, ArmoredSoftware components assess their environments and determine appropriate actions ranging from simply reporting issues to migration and mitigation. Each ArmoredSoftware component is packaged with lightweight measurement, attestation and appraisal capabilities that use TPM virtualization techniques to establish and maintain roots of trust. Appraisal capabilities request information from other collocated software components and the operational environment that respond by executing attestation protocols to gather and report evidence. Using techniques from trusted computing, attestation protocols also generate cryptographic signatures used to assess the trustworthiness of gathered evidence. In the appraiser, gathered evidence is used to assess the appraisal target while cryptographic signatures are used to assess trustwortniness of evidence.

This poster and accompanying demonstration represent the first public presentation of the ArmoredSoftware approach. We will outline the ArmoredSoftware architecture describing appraisal, attestation, and measurement. We will briefly present our evolving approach focusing on measurement and execution of attestation protocols. Our demonstration will show and end-to-end demonstration of a simple appraisal activity illustrating important ArmoredSoftware concepts. 

Presenter Bio

Dr. Perry Alexander is a Professor in the Electrical Engineering and Computer Science Department and Director of the Information and Telecommunication Technology Center at The University of Kansas.  His research interests include system-level modeling, heterogeneous specification, formal verification, and trusted systems.  He received the BSEE and BSCS in 1986, the MSEE in 1988, and the PhD in 1992 all from The University of Kansas.  From September 1992 through July 1999 he was a faculty member and director of The Knowledge-Based Software Engineering Laboratory in the Electrical and Computer Engineering and Computer Science department at The University of Cincinnati.  He is the chief architect of the Rosetta system specification language currently being standardized by IEEE. Dr. Alexander has published over 100 refereed research papers and presented numerous invited presentations.  He has won 20 teaching awards and was named a Kemper Teaching Fellow and the ASEE's Midwest Region Teacher of the Year in 2003 and received the Sharp Teaching Professorship in 2009.