摘要
可信的云计算运行环境很大程度决定了云服务的推广和有效使用.采用可信计算技术的基本假设是所有在运行环境中安装的内核模块和应用程序都需要事先指定并已知其执行代码的完整性信息.这个假设在云用户实际使用时往往是不可能的.所以该文提出了一种将虚拟可信根vTPM和可信审计技术结合起来的用户可信运行环境构建与审计机制.对于体系结构栈中可事先固定的、在启动和运行时不变的组件,通过vTPM作可信根保证可信启动;对于运行过程中变化的、无法事先确定的组件,文中提出了一种可信审计的方法,即对用户虚拟机的运行态环境进行证据收集和证据审计,监测实际使用中用户运行环境的可信性.若用户运行环境处于不可信状态,则及时通知用户采取相应措施.最后文中基于该可信机制的原型系统对其有效性和性能代价进行定量测试和评价,实验结果表明:该机制针对典型的不可信威胁是有效的,且引入的性能代价对用户实际使用的影响可以忽略.
Trustworthiness is a critical factor for the large-scale use of cloud services. However, traditional Trusted Computing technologies only work with the assumption that all the kernel modules and user-space processes installed in the tenant's virtual machine should be pre-fixed and the integrity digests should be pre-confirmed. This paper proposes a practical mechanism for trusted cloud environment construction and audit, which combines virtual Trusted Platform Module (vTPM) and trust evidence audit, vTPM guarantees the trusted boot up, while the audit method check the trust status of the run-time virtual machine based on auditing the trusted evidence collected from the memory of the user virtual machine. A prototype is also implemented according to the above mechanism. Experimental results show that the mechanism is effective and the performance overhead incurred is minor.
出处
《计算机学报》
EI
CSCD
北大核心
2016年第2期339-350,共12页
Chinese Journal of Computers
基金
国家自然科学基金(61202081)资助~~
关键词
云计算
可信审计
虚拟可信平台模块
可信计算
cloud computing
trust audit
virtual trusted platform module
trusted computing
