Research on Trusted Attestation Method in IaaS Environment
Abstract: A timestamp-based dynamic remote attestation method for Infrastructure as a Service (IaaS) is proposed. The method measures the dynamic state of cloud nodes in real time, binds each measurement result to the time of measurement, and verifies that the current running state of a cloud node is trusted. Based on this method and the IaaS service workflow, remote attestation methods for cloud node registration, virtual machine boot and virtual machine shutdown are designed. These methods prove that a user's virtual machine runs on a cloud node whose running state is trusted, while protecting the integrity and confidentiality of virtual machine data.

Source: Computer Engineering (《计算机工程》), CAS, CSCD, 2012, Issue 5, pp. 117-119 (3 pages)

Funding: National "863" Program of China (2009AA01Z437); "Core Electronic Devices, High-end Generic Chips and Basic Software" Major Special Project (2010ZX01037-001-001); Open Project Fund of the State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences; Doctoral Start-up Fund of Beijing University of Technology (00700054R1764)

Keywords: Infrastructure as a Service (IaaS); trusted attestation; real-time attestation; dynamic measurement; timestamp; trusted cloud node