Safety virtualization method of trusted crypto module

A trusted cryptographic module (TCM) virtualization technique, applied in computer security devices, software simulation/interpretation/emulation, instruments, etc., that solves the problem that a single physical TCM cannot meet the specific TCM needs of multiple virtual machines.

Inactive Publication Date: 2009-12-09
CHANGSHU NANJING NORMAL UNIV DEV RES INST

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to overcome the deficiencies of the prior art and provide a method for secure virtualization of trusted

Examples


Example Embodiment

[0028] The technical solution of the trusted cryptographic module security virtualization method provided by the present invention is to implement, on a virtual machine based on a VMM model, a virtual TCM instance for use by a guest virtual machine, and to establish a trust root from the physical machine to the virtual machine. The virtual TCM instance is realized as follows:

[0029] A virtual TCM manager and a virtual TCM persistent storage area are set up in the privileged virtual domain of the virtual machine;

[0030] Virtual TCM instances are created and managed through the virtual TCM manager. Each virtual TCM instance simulates the physical TCM and provides the functions of the physical TCM (such as sealed storage, remote attestation and key management) to the guest virtual machine. The virtual TCM manager also provides channels for communication between guest virtual machines and virtual TCM instances, issues certificates for virtual...


Abstract

The invention discloses a secure virtualization method for a trusted cryptographic module (TCM). A virtual TCM instance for use by a guest virtual machine is implemented on a virtual machine based on a VMM model, so as to build a trust chain from the physical machine to the virtual machine. A virtual TCM manager and a virtual TCM persistent storage area are placed in the privileged virtual domain of the virtual machine. Virtual TCM instances are created and managed by the virtual TCM manager, and each instance simulates the physical TCM to provide the functions of the physical TCM to the guest virtual machine. The virtual TCM manager provides the channel over which the guest virtual machine communicates with its virtual TCM instance, issues a certificate to the virtual TCM instance, and supports the instance's access to the virtual TCM persistent storage area and to the physical TCM. The virtual TCM persistent storage area stores the information related to each virtual TCM instance. The method combines the characteristics of virtual machines with the technical advantages of trusted computing: the function of the trusted cryptographic module is realized by simulation, which solves the problem that a single physical TCM cannot meet the specific TCM requirements of multiple virtual machines.
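The manager, instance and persistent-storage roles described above can be sketched as follows. This is an added example, not code from the patent: the class names, the register count, SHA-256 as a stand-in for the TCM's hash algorithm, and the HMAC-protected storage format are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

PCR_COUNT = 8  # assumption: register count chosen for the example

class VirtualTCM:
    """One software TCM instance; only measurement registers are modelled."""

    def __init__(self, pcrs=None):
        self.pcrs = list(pcrs) if pcrs else [bytes(32)] * PCR_COUNT

    def extend(self, index, measurement):
        # SHA-256 stands in for the TCM's own hash algorithm (assumption).
        new = hashlib.sha256(self.pcrs[index] + hashlib.sha256(measurement).digest())
        self.pcrs[index] = new.digest()
        return self.pcrs[index]

class VTCMManager:
    """Runs in the privileged domain; owns instances and the persistent area."""

    def __init__(self, storage_key):
        self._key = storage_key   # assumption: protected by the physical TCM
        self._instances = {}      # guest id -> VirtualTCM
        self.store = {}           # persistent area: guest id -> (blob, tag)

    def _tag(self, guest_id, blob):
        # Binding the guest id into the MAC stops saved state from being
        # loaded into a different guest's instance.
        return hmac.new(self._key, guest_id.encode() + b"\0" + blob, "sha256").digest()

    def create_instance(self, guest_id):
        self._instances.setdefault(guest_id, VirtualTCM())

    def dispatch(self, guest_id, index, measurement):
        # guest_id is taken from the channel the request arrived on,
        # never from data supplied by the guest itself.
        if guest_id not in self._instances:
            raise PermissionError("no vTCM instance for this guest")
        return self._instances[guest_id].extend(index, measurement)

    def save(self, guest_id):
        blob = json.dumps([p.hex() for p in self._instances[guest_id].pcrs]).encode()
        self.store[guest_id] = (blob, self._tag(guest_id, blob))

    def restore(self, guest_id):
        blob, tag = self.store[guest_id]
        if not hmac.compare_digest(tag, self._tag(guest_id, blob)):
            raise ValueError("persistent vTCM state failed integrity check")
        self._instances[guest_id] = VirtualTCM(bytes.fromhex(h) for h in json.loads(blob))
```

The point to check in any real design of this kind is the same as in the sketch: a guest can reach only its own instance, and stored instance state is rejected if it was modified or moved between guests.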

Description

Technical field

[0001] The present invention relates to the technical field of computer information security, mainly to system virtual machine technology based on a virtual machine monitor (Virtual Machine Monitor, VMM) and trusted computing technology based on a trusted cryptographic module, and in particular to a method for secure virtualization of a trusted cryptographic module.

Background technique

[0002] System virtualization based on the VMM model simulates the core functions of physical hardware in software and gives the operating system on the virtual machine the same access interface as the physical hardware, so that multiple operating systems can run simultaneously on the same physical platform, and it transparently provides the resources each operating system needs to run. This model not only guarantees the independence of the guest virtual machine environment, but also provides good system isolation characteristics, whi...


Application Information

IPC(8): G06F9/455, G06F21/00, G06F9/445, G06F21/53
Inventor: 王丽娜余荣威柯晋匡波周凯尹磊尹帆金新任正伟
Owner: CHANGSHU NANJING NORMAL UNIV DEV RES INST