Putting a Padlock on Lambda -- Integrating vTPMs into AWS Firecracker. (arXiv:2310.03522v1 [cs.CR])

When software services use cloud providers to run their workloads, they place
implicit trust in the cloud provider, without an explicit trust relationship.
One way to achieve such explicit trust in a computer system is to use a
hardware Trusted Platform Module (TPM), a coprocessor for trusted computing.
However, in the case of managed platform-as-a-service (PaaS) offerings, there
is currently no cloud provider that exposes TPM capabilities. In this paper, we
improve trust by integrating a virtual TPM device into …

aws cloud cloud provider computer coprocessor explicit hardware lambda platform relationship run services software system tpm trust trusted platform module workloads