Trusted measurement system and method for cloud hosts

A trusted measurement technique for cloud hosts, applied in the field of information security. It addresses the problems of a broken trust chain, poor portability and limited applicability, so that the integrity of the trust chain is ensured and portability is very good.

Active Publication Date: 2018-01-05
DATANG GAOHONG XINAN ZHEJIANG INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

[0003] The above-mentioned disclosed technical solution completely relies on the trusted platform module to measure the integrity of the physical machine and virtual machine of the cloud host. When the virtual machine needs to


Embodiment Construction

[0026] The present invention will be described in further detail below in conjunction with the accompanying drawings and embodiments.

[0027] As shown in Figure 1, the cloud host includes a physical machine and a virtual machine. The physical machine is configured with a trusted platform module (TPM: Trusted Platform Module), the trusted platform module is provided with PCRs (platform configuration registers), and the trusted platform module provides functions such as key generation and management, encryption and decryption, and storage of measurement values. During the boot process of the physical machine, the trusted platform module measures each component of the physical machine to verify the integrity of the physical machine. The trusted startup process is: during the startup process of the physical machine, the metric value calculation is performed on the code or data to be executed, the calculated metric value is hashed, and the generated hash val...


Abstract

The invention provides a trusted measurement system and method for cloud hosts. A virtual trusted platform module is configured in the virtual environment. Trusted measurement of the physical environment is carried out through the trusted platform module, and trusted measurement of the virtual environment is carried out through the virtual trusted platform module, so that a complete trust chain from the physical machine to the virtual machine is constructed and integrity verification of both the physical environment and the virtual environment of a cloud host can be realized. The constructed trust chain does not depend on the trusted platform module of the physical machine. When the virtual machine is migrated, a space for storing the measurement values of the virtual machine is divided in a virtual PCR register of the target host machine, the measurement values of the physical machine of the target host machine are copied to a corresponding bit of the virtual PCR register, and when the virtual machine is started, the virtual machine is measured and the measurement value is stored in the corresponding bit of the virtual PCR register, which completes trust chain reconstruction for the migrated virtual machine. The system and method are highly portable and can be widely applied to cloud computing platforms.
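The migration step in the abstract can be modelled in a few lines. This is an added example, not code from the patent: the SHA-256 extend operation, the two-slot `VirtualPCR` layout, and all function names and sample components are assumptions made for illustration.

```python
import hashlib

ZERO = bytes(32)  # assumption: SHA-256 PCR bank; the page names no hash

def extend(pcr: bytes, blob: bytes) -> bytes:
    """TPM-style extend: new PCR = H(old PCR || H(measured blob))."""
    return hashlib.sha256(pcr + hashlib.sha256(blob).digest()).digest()

def measure_chain(components) -> bytes:
    """Fold an ordered list of boot components into one PCR value."""
    pcr = ZERO
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr

class VirtualPCR:
    """Hypothetical vPCR layout: one slot for the copied host value,
    one slot reserved for the VM's own measurements."""
    def __init__(self, host_pcr: bytes):
        self.host = host_pcr   # copied from the host machine's PCR
        self.vm = ZERO         # filled in while the VM starts

    def boot_vm(self, vm_components) -> None:
        for blob in vm_components:
            self.vm = extend(self.vm, blob)

def place_vm(vm_components, host_components) -> VirtualPCR:
    """Build (or, after migration, rebuild) the chain on a given host."""
    vpcr = VirtualPCR(measure_chain(host_components))
    vpcr.boot_vm(vm_components)
    return vpcr

def verify(vpcr, known_good_hosts, expected_vm) -> bool:
    """Accept only a known-good host value plus the expected VM value."""
    return vpcr.host in known_good_hosts and vpcr.vm == expected_vm

# Constructed sample components (not real firmware or kernel images).
HOST_A = [b"firmware-A", b"bootloader", b"hypervisor"]
HOST_B = [b"firmware-B", b"bootloader", b"hypervisor"]
VM_IMAGE = [b"vm-bios", b"vm-kernel"]

if __name__ == "__main__":
    good_hosts = {measure_chain(HOST_A), measure_chain(HOST_B)}
    golden_vm = measure_chain(VM_IMAGE)
    migrated = place_vm(VM_IMAGE, HOST_B)           # VM moved from A to B
    print("migrated VM trusted:", verify(migrated, good_hosts, golden_vm))
    tampered = place_vm([b"vm-bios", b"vm-kernel-modified"], HOST_B)
    print("tampered VM trusted:", verify(tampered, good_hosts, golden_vm))
```

The VM slot yields the same value on either host, so a verifier can keep one golden VM measurement across migrations while the host slot tracks whichever physical machine currently runs the VM.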

Description

Technical field

[0001] The invention relates to a trusted measurement system and method of a cloud host, belonging to the technical field of information security.

Background technique

[0002] At present, the cloud computing platform has become the main basic computing platform, and the cloud host includes the physical environment built by physical machines and the virtual environment built by virtual machines. In order to ensure the credibility of the cloud computing platform, it is necessary to ensure the credibility of both the physical environment and the virtual environment. In this way, the integrity measurement of the cloud computing platform includes both the credibility measurement of the physical environment and the credibility measurement of the virtual environment. The Chinese invention patent application with the application number 201510513472.1 discloses a method for constructing a virtualized trusted server trust chain, which uses the trusted platform modu...


Application Information

IPC(8): G06F21/57, G06F9/455
Inventor 郑驰梁思谦
Owner DATANG GAOHONG XINAN ZHEJIANG INFORMATION TECH CO LTD