Cloud computing providers deliver computing infrastructures as a fully outsourced service, enabling companies to reduce capital expenditure on hardware, software and support services by paying a provider only for what they use.
Cloud computing services may be offered at various layers of the software stack. At lower layers, Infrastructure as a Service (laaS) systems allow users to have access to entire virtual machines (VMs) hosted by the provider, and the users are responsible for providing the entire software stack running inside a VM. At higher layers, Software as a Service (SaaS) systems offer online applications that can be directly executed by the users.
Despite its advantages, cloud computing raises security concerns as users have limited means of ensuring the confidentiality and integrity of their data and computation. Users of cloud computing services are particularly vulnerable to malicious providers or malicious customers of the same provider.
In order to increase the security and trust associated with communications to a given computer platform, Hardware Security Modules (HSMs) have been used to enable construction of trusted platforms. An HSM is a coprocessor that is typically affixed to a computer's motherboard. It can create and store cryptographic keys and other sensitive data in its shielded memory and provides ways for platform software to use those services to achieve security goals. A popular HSM in use today is the Trusted Processing Module (TPM), as specified by the Trusted Computing Group (TCG).
While a number of different distributed computing architectures built on the TPM standard have been proposed, security concerns in the cloud computing space still persist.