摘要
虚拟化技术实现了云中硬件资源的共享,但也给主机安全带来了新的挑战。从虚拟化环境中主机系统的可信性需求出发,针对传统设计的TPM模块在虚拟化环境中性能和资源的不足,提出利用性能更高、易于灵活扩展的PCI-E接口密码卡替代传统TPM的方法。结合密码卡、虚拟化技术和可信服务功能构建一个高性能的虚拟可信平台,为虚拟平台上的应用提供可信度量、可信存储服务,从而有效地解决云端服务器的安全、可信问题。
Virtualization technology achieved the sharing of hardware resources in the cloud, but it also brings new challenges to the host security. This article from the trusted requirements of the host system in the virtualization environment, in view of the traditional design of TPM module performance problems and the lack of resources in the virtualization environment, puts forward using the PCI-E interface HSM which has the performance more flexible and easy to extend to replace the traditional TPM. It combined with the HSM,virtualization technology and trusted services to build a high performance virtual trusted platform, provides trusted measures, trusted storage service for the application of virtual platforms, so as to effectively solve the problem of the cloud server security and credible.
出处
《信息技术》
2016年第1期171-176,共6页
Information Technology
关键词
可信计算
可信存储
密码卡应用
虚拟化
云安全
trusted computing
trusted storage
HSM application
virtualization
cloud security
