ABSTRACT

In this chapter, the authors show that target is reachable through trusted computing technology and that, if the corresponding solutions are correctly applied, a great improvement in security is obtained. The Trusted Computing Group has published several specifications defining the concept of a Trusted Platform and, more importantly, proposes an implementation that relies on an additional chip, the Trusted Platform Module, which has already been shipped with millions of devices. The most intuitive solution is to compare the Platform Configuration Register (PCR) values in the Trusted Platform Module to some pre-defined “golden values.” This approach provides high security assurance, but the nature of the PCR extend operation makes its application to runtime measurements difficult. We have shown that verification of the software environment in a cloud computing system is feasible, both for nodes executing just one OS and for nodes running multiple hosted systems as virtual machines.
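
The order sensitivity that makes golden-value comparison hard at runtime, shown as an added example that is not taken from the chapter: a simulated PCR using the SHA-256 extend rule, with constructed component names. The `verify_log` function (replaying a measurement log against an allow-list) is an assumed contrast technique that this abstract does not describe.

```python
import hashlib

PCR_SIZE = 32  # assumption: SHA-256 PCR bank; a PCR is all zeros after reset


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR_new = SHA-256(PCR_old || SHA-256(measurement)); a PCR cannot be set directly."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def replay(measurements) -> bytes:
    """Fold an ordered sequence of measured blobs into the resulting PCR value."""
    pcr = bytes(PCR_SIZE)
    for m in measurements:
        pcr = extend(pcr, m)
    return pcr


def matches_golden(pcr: bytes, golden: bytes) -> bool:
    """Golden-value check: one exact expected value for the whole sequence."""
    return pcr == golden


def verify_log(log, reported_pcr: bytes, allowed: set) -> bool:
    """Contrast (assumed technique): every log entry must be allow-listed and
    replaying the log must reproduce the reported PCR, whatever the load order."""
    entries_ok = all(hashlib.sha256(m).digest() in allowed for m in log)
    return entries_ok and replay(log) == reported_pcr


# Constructed sample data: a fixed boot chain, then runtime loads in two orders.
BOOT = [b"bootloader-v1", b"kernel-v1", b"initrd-v1"]
GOLDEN = replay(BOOT)
RUNTIME_A = BOOT + [b"sshd", b"nginx"]
RUNTIME_B = BOOT + [b"nginx", b"sshd"]
ALLOWED = {hashlib.sha256(m).digest() for m in RUNTIME_A}

if __name__ == "__main__":
    print("boot chain matches golden:", matches_golden(replay(BOOT), GOLDEN))
    print("same components, different order, same PCR:",
          replay(RUNTIME_A) == replay(RUNTIME_B))
    print("order A passes log replay:",
          verify_log(RUNTIME_A, replay(RUNTIME_A), ALLOWED))
    print("order B passes log replay:",
          verify_log(RUNTIME_B, replay(RUNTIME_B), ALLOWED))
    tampered = BOOT + [b"rootkit"]
    print("unknown component passes log replay:",
          verify_log(tampered, replay(tampered), ALLOWED))
```

A deterministic boot chain yields one predictable PCR value, while two runs that load the same known-good components in a different order yield different values, so a single golden value cannot cover them.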