A Dynamic Trust Extension Method for Virtual Trusted Platform Modules
Published: 2018-06-04 22:54
Topics: trusted computing + trusted platform module (TPM); Reference: Journal of Software (软件学报), 2017, No. 10
[Abstract]: Applying trusted computing technology to virtual computing systems can provide hardware-based trusted protection in scenarios such as cloud computing and network function virtualization (NFV). A software-implemented virtual trusted platform module (vTPM) is based on a physical TPM (pTPM) and gives each virtual machine its own dedicated TPM, but the trust placed in the pTPM must be extended to the vTPM. Existing methods mainly use certificate chains for this extension; however, after a virtual machine and its vTPM are migrated, a new identity key certificate must be requested for the vTPM, which can produce a large number of short-lived certificates at high cost, cannot promptly revoke the old pTPM's trust extension to the vTPM, and cannot provide forward security. This paper proposes a dynamic trust extension (DTE) method for vTPMs to meet the needs of frequently migrated virtual machines. DTE treats the vTPM as a proxy of the pTPM: each time the vTPM performs remote attestation, it must obtain a valid time token from an authentication server (AS). DTE establishes a tight security binding between the vTPM and the pTPM while still clearly distinguishing the two TPMs, which have different security strengths. Under DTE, a migrated vTPM does not need to obtain a new identity key certificate, the old pTPM can promptly revoke its trust extension to the vTPM, and DTE provides forward security. A prototype system and its performance tests and analysis show that DTE is feasible.
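The abstract describes DTE only at the level above. The following Python sketch is an added illustration, not the paper's code or protocol and not from the authors: it models the pieces the abstract names, an authentication server (AS) that issues short-lived time tokens only for a (vTPM, pTPM) pair it currently trusts, a vTPM whose identity key stays the same across migration, revocation by the old pTPM, and a verifier that checks the token, its validity window and its binding to the quote. The class names, the token fields and the use of HMAC-SHA256 in place of real TPM and AS signatures are assumptions made here; forward security is not modelled.

```python
from __future__ import annotations
import hashlib
import hmac
import json

# Added illustration, not the paper's protocol. AuthServer, VirtualTPM, Verifier,
# the token fields and HMAC-SHA256 standing in for AS/TPM signatures are assumptions.


def _mac(key: bytes, payload: dict) -> str:
    """Deterministic MAC over a JSON-encoded dict (stand-in for a signature)."""
    raw = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, raw, hashlib.sha256).hexdigest()


class AuthServer:
    """Issues short-lived time tokens only for a (vTPM, pTPM) pair it currently trusts."""

    def __init__(self, key: bytes, lifetime_s: int = 300):
        self.key = key
        self.lifetime_s = lifetime_s
        self.bindings: dict[str, str] = {}  # vtpm_id -> pTPM currently vouching for it

    def bind(self, vtpm_id: str, ptpm_id: str) -> None:
        self.bindings[vtpm_id] = ptpm_id

    def revoke(self, vtpm_id: str, ptpm_id: str) -> None:
        # The old pTPM withdraws its trust extension; no further tokens for this pair.
        if self.bindings.get(vtpm_id) == ptpm_id:
            del self.bindings[vtpm_id]

    def issue_token(self, vtpm_id: str, ptpm_id: str, now: int) -> dict | None:
        if self.bindings.get(vtpm_id) != ptpm_id:
            return None
        body = {"vtpm": vtpm_id, "ptpm": ptpm_id, "nbf": now, "exp": now + self.lifetime_s}
        return {"body": body, "mac": _mac(self.key, body)}


class VirtualTPM:
    """vTPM with one long-lived identity key that survives migration between pTPMs."""

    def __init__(self, vtpm_id: str, identity_key: bytes, ptpm_id: str):
        self.vtpm_id = vtpm_id
        self.identity_key = identity_key
        self.ptpm_id = ptpm_id

    def migrate(self, new_ptpm_id: str) -> None:
        self.ptpm_id = new_ptpm_id  # identity key is deliberately unchanged

    def quote(self, token: dict, pcr_digest: str) -> dict:
        # The quote names the hosting pTPM and is bound to the token it was issued with.
        body = {"vtpm": self.vtpm_id, "ptpm": self.ptpm_id,
                "pcrs": pcr_digest, "token_mac": token["mac"]}
        return {"body": body, "token": token, "mac": _mac(self.identity_key, body)}


class Verifier:
    """Relying party: trusts the AS key and vTPM identity keys registered once."""

    def __init__(self, as_key: bytes, identity_keys: dict[str, bytes]):
        self.as_key = as_key
        self.identity_keys = identity_keys

    def check(self, quote: dict, now: int) -> str:
        tok, body = quote["token"], quote["body"]
        if not hmac.compare_digest(_mac(self.as_key, tok["body"]), tok["mac"]):
            return "reject: token not issued by AS"
        if not tok["body"]["nbf"] <= now < tok["body"]["exp"]:
            return "reject: token outside validity window"
        if (tok["body"]["vtpm"], tok["body"]["ptpm"]) != (body["vtpm"], body["ptpm"]):
            return "reject: quote does not match the pTPM the token vouches for"
        if body["token_mac"] != tok["mac"]:
            return "reject: quote not bound to this token"
        key = self.identity_keys.get(body["vtpm"])
        if key is None or not hmac.compare_digest(_mac(key, body), quote["mac"]):
            return "reject: bad vTPM identity signature"
        return "accept"


def run_scenario() -> dict[str, str]:
    """Constructed walk-through: attest, migrate, old pTPM revokes, attest again."""
    as_key, vid_key = b"as-secret-constructed", b"vtpm-42-identity-constructed"
    auth = AuthServer(as_key, lifetime_s=60)
    verifier = Verifier(as_key, {"vtpm-42": vid_key})
    vtpm = VirtualTPM("vtpm-42", vid_key, "ptpm-A")
    auth.bind("vtpm-42", "ptpm-A")
    out: dict[str, str] = {}
    t0 = 1_000_000
    tok = auth.issue_token("vtpm-42", "ptpm-A", t0)
    out["before_migration"] = verifier.check(vtpm.quote(tok, "pcr:constructed-1"), t0 + 5)
    out["stale_token"] = verifier.check(vtpm.quote(tok, "pcr:constructed-1"), t0 + 61)
    # Migration: the old pTPM withdraws trust, the new pTPM is bound, identity key unchanged.
    auth.revoke("vtpm-42", "ptpm-A")
    vtpm.migrate("ptpm-B")
    auth.bind("vtpm-42", "ptpm-B")
    old = auth.issue_token("vtpm-42", "ptpm-A", t0 + 10)
    out["old_ptpm_token"] = "refused" if old is None else "issued"
    tok2 = auth.issue_token("vtpm-42", "ptpm-B", t0 + 10)
    out["after_migration"] = verifier.check(vtpm.quote(tok2, "pcr:constructed-2"), t0 + 15)
    # A quote produced on ptpm-B but presented with the still-valid ptpm-A token is rejected.
    out["mismatched_token"] = verifier.check(vtpm.quote(tok, "pcr:constructed-2"), t0 + 15)
    return out


if __name__ == "__main__":
    for step, result in run_scenario().items():
        print(f"{step}: {result}")
```

The scenario exercises the three claims a practitioner would want to see: the vTPM attests after migration with the same identity key and no new certificate, the old pTPM's revocation stops the AS from issuing tokens for the old pairing, and a token is useful only inside its validity window and only for the pTPM it names.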
[Author affiliation]: School of Computer Science, Wuhan University; State Key Laboratory of Software Engineering (Wuhan University)
[Funding]: National Basic Research Program of China (973 Program) (2014CB340600); National Natural Science Foundation of China (61772384)
[Classification]: TP309
Article ID: 1979190
Link: https://www.wllwen.com/kejilunwen/ruanjiangongchenglunwen/1979190.html