RAitc: Securely auditing the remotely executed applications

Abstract

One of the most important security challenges in remote computing (e.g., cloud computing) is protecting users' applications running on the service platform from malicious attacks. Because remote users have little control over the platform, a malicious platform manager or platform-sharing guest acting as an adversary can easily create an untrustworthy execution environment. Prior studies have leveraged trusted third party (TTP)-based and trusted execution environment (TEE)-based approaches to mitigate such security issues, but these approaches still provide little transparency from the user's perspective. To address this challenge, we present a remote auditing approach based on an identified trust chain (RAitc) to analyze the correctness of remotely loaded applications. The chain is constructed with two goals: The first is to identify the remote platform to ensure that the user has a designated service system; the second is to build a trust chain from the user to the designated platform via verifiable computing-based module measurements and kernel-based application auditing. RAitc achieves a higher guarantee of safety in securely monitoring and verifying the integrity of remote applications executed by users. In addition, RAitc is both easier and more fiexible for the extension of the trust base. Our implementation of RAitc protects users' remote execution environments while requiring an acceptable overhead on the target system in application auditing. We rigorously and comprehensively evaluated the effectiveness and performance of RAitc. The results show that RAitc performs effectively and has acceptable resource consumption.