Dependable virtual platform and construction method thereof, data migration method among platforms

Abstract

The invention discloses a dependable virtual platform and a construction method thereof, a data migration method among platforms. The dependable virtual platform comprises a hardware security chip, a virtual machine monitor (VMM), an administrative domain, a user domain and a dependable serving domain (TSD), wherein an expanded trust chain is used by the TSD for users to establish dependable operating environment. The construction method includes: building the TSD; then establishing secure communication mechanisms between the managing domain and the TSD and between the managing domain and a domestic user domain; accomplishing calls of security application of the user domain to a dependable function by the user domain through interaction with the managing domain, accomplishing transmission and treatments of dependable orders by the managing domain through the interaction of the TSD; interacting a source platform migration engine and a goal platform migration engine; migrating migration data which is produced and based on the hardware security chip and the TSD to a goal platform, and recovering data on the goal platform, accomplishing quick migration of the TSD and a virtual machine. The dependable virtual platform and the construction method thereof, the data migration method among platforms are capable of improving safety of dependable service and providing flexible operation and deployment mechanisms for the platforms.

Description

technical field [0001] The invention relates to a trusted virtual platform and a construction method thereof, in particular to a trusted virtual platform based on a trusted service domain, a construction method thereof, and a data migration method between platforms, belonging to the technical field of information security. Background technique [0002] At present, the rapid development and application of cloud services based on virtualization technology has further promoted and used the virtualization platform, and its security issues have also become the focus of attention of users. In the new computing environment supported by virtualization technology (such as Infrastructure as a Service, facility as a service IaaS cloud), resources and services are provided in the form of virtual machines, and users lose control over their data and cannot use local resources like The same implementation of security management cannot ensure the reliability of its data and services. At th...

AI Technical Summary

Problems solved by technology

[0007] What the present invention aims to solve is the problem that the amount of management domain codes in the existing trusted virtual platform construction method continues to increase and the possibility of being attacked is increased due to excessive reliance on the management domain, and it is not easy to flexibly deploy and quickly migrate

Images