Abstract
A timestamp-based dynamic remote attestation method for Infrastructure as a Service (IaaS) is proposed. The method measures the dynamic state of cloud nodes in real time, binds each measurement result to the time of measurement, and verifies that the cloud node's current running state is trusted. Based on this method and the IaaS service workflow, remote attestation methods for cloud node registration, virtual machine boot, and virtual machine shutdown are designed. These attestation methods prove that a user's virtual machine runs on a cloud node whose running state is trusted, while protecting the integrity and confidentiality of virtual machine data.
Source
Computer Engineering (《计算机工程》)
CAS
CSCD
2012, Issue 5, pp. 117-119 (3 pages)
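Funding
National "863" Program of China (2009AA01Z437)
"Core Electronic Devices, High-end Generic Chips and Basic Software" (He-Gao-Ji) Major Project (2010ZX01037-001-001)
Open Project Fund of the State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences
Doctoral Start-up Fund of Beijing University of Technology (00700054R1764)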
Keywords
Infrastructure as a Service (IaaS)
trusted attestation
real-time attestation
dynamic measurement
timestamp
trusted cloud node