TPM-Performance Sensible Key Management Protocols for Service Provisioning in Cloud Computing

A Trusted Platform Module (TPM) is a small and hence low-performance hardware chip whose main function — at least for the service provisioning topic of this paper — is to play a trusted third party’s role inside a service provisioning computing platform so that the platform will have what we call a behaviour conformity property. The property of behaviour conformity is most needed in service oriented applications, such as utility computing, grid computing and the new notion of cloud computing, where a resource-scarce user (guest) submits jobs to be computed at computational resource providers (hosts). It is inevitable that prior to a session of service provisioning, security protocols will run between the guest, the host, and the TPM. For service provisioning to have scalability albeit TPM’s low performance, such a protocol needs to be carefully designed not to place the TPM in a bottleneck position. We propose a protocol mechanism by remodelling the original TPM being the trusted computing base (TCB) into two sub-components: a high performance software TCB which is a measured virtual machine monitor to delegate most of the functions of the TPM, and the original low performance TPM TCB which retains the software measurement function inside itself for low frequent uses. Our result has an independent value for wide deployment of TCG technologies.