摘要
With the development of cloud computing, virtualization technology has been widely used in our life. Meanwhile, it became one of the key targets for some attackers. The integrity measurement in virtual machine has become an urgent problem. Some of the existing virtualization platform integrity measurement mechanism introduces the trusted computing technology, according to a trusted chain that the Trusted Platform Module(TPM) established for trusted root to measure the integrity of process in static. But this single chain static measurement cannot ensure the dynamic credible in platform running. To solve the problem that the virtual trusted platform can not guarantee the dynamic credibility, this paper put forward Dynamic Integrity Measurement Model(DIMM) based on virtual Trusted Platform Module(v TPM) which had been implemented with typical virtual machine monitor Xen as an example. DIMM combined with virtual machine introspection and event capture technology to ensure the security of the entire user domain. Based on the framework, this paper put forward Self-modify dynamic measurement strategy which can effectively reduce the measurement frequency and improve the measurement performance. Finally, it is proved that the validity and feasibility of the proposed model with comparison experiments.
With the development of cloud computing, virtualization technology has been widely used in our life. Meanwhile, it became one of the key targets for some attackers. The integrity measurement in virtual machine has become an urgent problem. Some of the existing virtualization platform integrity mea- surement mechanism introduces the trusted computing technology, according to a trusted chain that the Trusted Platform Module (TPM) established for trusted root to measure the integrity of process in static. But this single chain static measurement cannot ensure the dynamic credible in platform running. To solve the problem that the virtual trusted plat- form can not guarantee the dynamic credibil- ity, this paper put forward Dynamic Integrity Measurement Model (DIMM) based on vir- tual Trusted Platform Module (vTPM) which had been implemented with typical virtual machine monitor Xen as an example. DIMM combined with virtual machine introspection and event capture technology to ensure the se- curity of the entire user domain. Based on the framework, this paper put forward Self-mod- ify dynamic measurement strategy which can effectively reduce the measurement frequency and improve the measurement performance. Finally, it is proved that the validity and feasi- bility of the proposed model with comparison experiments.
基金
supported by National Natural Science Foundation of China (61170254,61379116), Hebei Natural Science Foundation Project (F2016201244)
Hebei Province Science and Technology Research Project of Higher Education (ZD2016043)
Hebei Engineering Technology Research Center for IOT Data Acquisition & Processing, North China Insitute of Science and Technology, Hebei 065201,China
