Secure and reliable VM-vTPM migration in private cloud

Cloud computing, which has emerged as one of the most influential paradigms in the IT industry in recent years, is powered by the concept of virtualization technology. For achieving energy efficiency, load balancing and high availability of physical server in Cloud Data Center, the virtual machines should be migrated from one physical server to another. During the migration process, some steps should be taken to protect user´s data and privacy. The extension of trusted computing to virtual systems using vTPMs can make the virtual machine more secure and reliable. So vTPM should be migrated to destination platform together with its corresponding virtual machine. However, most of the present researches just focus on the migration of VM without considering the vTPM migration. Moreover, the current migration protocols are not secure enough. In this paper, we focus on the secure implementation of virtual machine migration from one platform to another platform in private cloud model. We propose a thorough and secure VM-vTPM migration scheme. In this scheme we first propose a vTPM key structure to make non-migratable vTPM keys to be migratable. Then we leverage on this structure to construct a secure VM-vTPM migration protocol which includes three phases. The first phase is a dual authentication between source platform and destination platform, the second phase is the migration of vTPM, and the third phase is the migration of VM. Finally, we analyze the security of our protocol to make sure our proposed protocol can realize all the security goals such as confidentiality and integrity, authentication of source and destination platform, preserving the association between VM and vTPM, and atomicity of the transfer.