
Cluster system with credible data exchange and credible data exchange method

A data exchange and cluster system technology, applied in the fields of data exchange networks, data exchange details, digital transmission systems, etc. It addresses problems such as uncontrollable data exchange, man-in-the-middle attacks and the lack of a TPM root of trust, and achieves good reliability, improved controllability and small delay.

Active Publication Date: 2021-03-19
中安可信(青岛)网络科技有限公司 +2

AI Technical Summary

Problems solved by technology

[0004] The inventor found that, in the process of data exchange between nodes in current cluster systems, there is a risk of man-in-the-middle attacks; without the support of a TPM root of trust and the transmission of a chain of trust, each layer of the software stack is at risk of having its logic tampered with, so the reliability of the various encryption and authentication mechanisms cannot be guaranteed.
[0005] To sum up, current cluster systems generally suffer from unreliable and uncontrollable data exchange between nodes within the cluster.


Examples


Embodiment 1

[0038] In order to solve the problem of trusted data exchange between nodes in the cluster, and referring to Figure 1, the present embodiment provides a trusted cluster system for data exchange, which includes:

[0039] Several nodes communicating with each other, distributed in one broadcast domain;

[0040] A trusted root TPM, installed on each node and in one-to-one correspondence with the node;

[0041] A trusted measurement agent, which runs independently on each node and is used to periodically broadcast trusted information in the domain and to listen to trusted information broadcast by other nodes in the domain.

[0042] In this embodiment, the unique ID of the trusted root TPM is used as the unique ID of the node. Based on the TPM, the trustworthiness of at least the BIOS, bootloader and operating system should be guaranteed.

[0043] In this embodiment, the trusted measurement agent is a logically independent subsystem whose credibility is guaranteed by the TPM root of trust. ...

Embodiment 2

[0049] Referring to Figure 2, the trusted cluster system for data exchange in this embodiment includes:

[0050] Several nodes communicating with each other, distributed in at least two broadcast domains;

[0051] A trusted root TPM, installed on each node and in one-to-one correspondence with the node;

[0052] A trusted measurement agent, which runs independently on each node and is used to periodically broadcast trusted information in the domain, listen to trusted information broadcast by other nodes in the domain, propagate trusted information across domains, and receive and extract trusted information propagated from other domains.

[0053] In this embodiment, the unique ID of the trusted root TPM is used as the unique ID of the node. Based on the TPM, the trustworthiness of at least the BIOS, bootloader and operating system should be guaranteed.

[0054] In this embodiment, the trusted measurement agent is a logically independent subsystem whose credibility is guaranteed by...

Embodiment 3

[0063] This embodiment provides a trusted data exchange method, which is based on the trusted cluster system for data exchange described in Embodiment 1, and uses a trusted measurement agent running independently on each node to periodically broadcast trusted information in the domain and listen to trusted information broadcast by other nodes in the domain.

[0064] In this embodiment, based on the root of trust TPM, each node runs a logically independent trusted measurement subsystem, the trusted measurement agent, which implements bypass monitoring. Compared with the traditional technology that relies only on PKI, the reliability and controllability of data exchange in the cluster system of this embodiment are significantly improved. Each node regularly publishes its own node information to all nodes in the broadcast domain by broadcasting, and the broadcast will be discovered by other nodes in the same domain. If an illegal node accesses the cluster to prete...
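The broadcast-and-listen behaviour of the trusted measurement agent in [0063] and [0064], as an added example that is not taken from the patent. The message fields, the pre-enrolled key table, the broadcast period and the use of HMAC-SHA256 as a stand-in for a TPM-backed signature are all assumptions, and the names `MeasurementAgent`, `make_broadcast`, `on_broadcast` and `silent_nodes` are hypothetical.

```python
import hashlib, hmac, json
from dataclasses import dataclass, field

FIELDS = ("node_id", "counter", "measurement")  # assumed message layout

def sign(key: bytes, payload: dict) -> str:
    # Stand-in for a TPM-backed signature: HMAC-SHA256 with a per-node key.
    body = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

@dataclass
class MeasurementAgent:
    node_id: str                 # the page uses the TPM's unique ID as node ID
    key: bytes                   # assumed: this node's signing key
    enrolled: dict               # assumed: node_id -> key, provisioned in advance
    interval: float = 5.0        # assumed broadcast period, seconds
    counter: int = 0
    last_counter: dict = field(default_factory=dict)
    last_seen: dict = field(default_factory=dict)
    alerts: list = field(default_factory=list)

    def make_broadcast(self, measurement: str) -> dict:
        """Build this node's periodic trusted-information message."""
        self.counter += 1
        payload = {"node_id": self.node_id, "counter": self.counter,
                   "measurement": measurement}
        return {**payload, "sig": sign(self.key, payload)}

    def on_broadcast(self, msg: dict, now: float) -> bool:
        """Check a message heard in the domain; record an alert if rejected."""
        payload = {k: msg.get(k) for k in FIELDS}
        nid = str(payload["node_id"])
        key = self.enrolled.get(nid)
        if key is None:
            return self._reject("unknown_node", nid)
        sig = str(msg.get("sig", "")).encode()
        if not hmac.compare_digest(sign(key, payload).encode(), sig):
            return self._reject("bad_signature", nid)
        if payload["counter"] <= self.last_counter.get(nid, 0):
            return self._reject("replay", nid)
        self.last_counter[nid], self.last_seen[nid] = payload["counter"], now
        return True

    def _reject(self, reason: str, nid: str) -> bool:
        self.alerts.append((reason, nid))
        return False

    def silent_nodes(self, now: float, missed: int = 3) -> list:
        """Peers heard before but silent for more than `missed` periods."""
        return sorted(n for n, t in self.last_seen.items()
                      if now - t > missed * self.interval)
```

With a symmetric key every verifier could also forge, so a deployment following the page's design would verify against a key rooted in each node's TPM instead.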


Abstract

The invention belongs to the field of cluster data exchange, and provides a cluster system with credible data exchange and a credible data exchange method. The cluster system with credible data exchange comprises a plurality of nodes which communicate with one another, wherein the nodes are distributed in a broadcast domain; a trusted root TPM which is installed on the nodes and is in one-to-one correspondence with the nodes; and a trusted measurement agent which runs independently on each node and is used for periodically broadcasting trusted information in the domain and monitoring the trusted information broadcast by other nodes in the domain. Based on a trusted root TPM and a logically independent trusted measurement agent, safe and reliable exchange of data between nodes can be ensured.

Description

Technical field

[0001] The invention belongs to the field of cluster data exchange, and in particular relates to a cluster system and a trusted data exchange method for data exchange.

Background technique

[0002] The statements in this section merely provide background information related to the present invention and do not necessarily constitute prior art.

[0003] Currently, cluster systems are becoming more and more common, such as hyper-converged systems, distributed storage systems, big data systems, etc. This type of system is composed of multiple nodes interconnected through the network, and data exchange between the nodes is frequent.

[0004] The inventor found that, in the process of data exchange between nodes in current cluster systems, there is a risk of man-in-the-middle attacks; without the support of a TPM root of trust and the transmission of a chain of trust, each layer of the software stack has the risk of being tampered ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L9/32, H04L12/18
CPC: H04L63/0281, H04L63/0218, H04L63/0853, H04L12/1863, H04L12/1881, H04L9/3234
Inventor: 石磊, 马亮, 刘春, 姜健
Owner: 中安可信(青岛)网络科技有限公司