Internet or web-based services are increasingly based on multi-tenant cloud-based infrastructure services, also referred to as Infrastructure as a Service (IaaS) or resource-on-demand services. Resource-on-demand or IaaS services are typically provided by data centers that host large numbers of physical servers and associated resources. The physical servers are managed by virtualization software, which dynamically creates virtual servers for requesting customers. Using virtualization, a single hardware server can host multiple virtual servers. Individual virtual servers are referred to as server instances or virtual machines, and are created based on virtual machine memory images that are provided or specified by customers.
In an IaaS environment, virtual machine images may be used to specify the guest operating system and software applications that will run on behalf of customers. Virtual machine images are highly configurable and are usually built by extending and customizing an existing virtual machine image. For example, a customer could take an existing image that contains an installation of an operating system and then install their own software product, configure it, and then transform the result into a new image that is shared with a customer community.
Customers have the option to store and run their images privately, or they can share such images with other customers. In some cases, customers may make virtual machine images public, to be shared by the customer community at large. This requires a certain level of trust by consumers of the images, with respect to the image producers and any other parties who may have been involved in conveying the images to the consumers. For example, a consumer should trust that the producer did not install malware or open a covert channel into the operating environment. The consumer should also trust that the machine image was protected properly by intermediate parties, to prevent a rogue employee or third party from maliciously tampering with the machine image.