Research on Key Technologies of a Trusted Virtual Environment for Cloud Computing
Published: 2018-08-19 07:41
[Abstract]: Cloud computing is an Internet-based computing model that distributes computing tasks across a resource pool made up of a large number of computers; consumers obtain computing power, storage space and various software services on demand and pay according to usage. Cloud computing has set off another revolution in the computing field and has also brought many new security problems. Given the distributed computing and storage that characterize cloud computing, its security problems can be grouped into three areas: virtualization security, application security and tenant security. Virtualization security covers two parts: the security of the virtual machine monitor (VMM) and the security of the virtual machine operating system. Application security covers the security of the application environment and trusted application services. Tenant security mainly studies how, given that cloud computing shares computing and storage resources, to keep the tenant isolation mechanism secure and effective and to protect tenant privacy. Judging from the current state of research, work in these three areas can solve cloud security problems to some extent, but each also has limitations. The combination of trusted computing and cloud computing has now become a research hotspot. Virtualization technology greatly improves system security through its strong separation of virtual machines and its strong control over resources, while trusted computing provides the basic support for building a secure application support platform through trusted authentication, trusted measurement and trusted storage, addressing the trustworthiness and security of the system at its root. Tightly combining trusted computing with virtualization technology to build a "trusted cloud computing environment" can therefore fundamentally ensure the security of user data and applications in the cloud. Under the secure and trusted cloud computing architecture proposed by Academician Shen Changxiang, this thesis adds the trust requirements of the tenant isolation mechanism to the trusted cloud computing environment, carries out research on three aspects (trusted virtual computing resources, a trusted application environment and trusted tenant isolation), establishes a trusted virtual environment for cloud computing, studies its key technologies, and obtains the following four results.
(1) Combining trusted computing with virtualization technology, the thesis proposes a secure virtual machine integrity monitoring mechanism, SVMIM (Security Virtual Machine Integrity Monitor), to build a trusted virtual computing resource environment. SVMIM adopts a hybrid-mode security architecture and uses trusted computing technology to monitor and control the code loading process of the virtual machine operating system, which effectively overcomes the "semantic gap" problem and ensures that the security mechanism itself is trusted. In addition, SVMIM builds on the virtual machine network boot mechanism and uses storage cloning on the network storage side to minimize the impact of the security mechanism on system performance.
(2) Trusted computing technology is used to establish a trusted application environment. On a cloud computing platform, cloud applications include not only ordinary executable programs but also Java applications and Web services. Because Java programs are platform independent, some traditional methods that measure the trustworthiness of executable programs at the operating system layer are not suitable. The thesis first uses the SVMIM mechanism to establish a trusted application environment for executable programs, and then, by modifying the JVM for trust, builds a Trusted Java Platform (TJP) that extends the chain of trust through the JVM and ensures that the cloud application environment is trusted.
(3) For tenants to buy cloud computing services, the Cloud Service Provider (CSP) must demonstrate that the tenant isolation mechanism in the cloud is effective and so raise tenants' confidence in it. Existing cloud tenant isolation mechanisms satisfy only the CSP's side of the trust requirements and focus on measuring certain external attributes of the cloud service; they cannot meet tenants' high security requirements for the isolation mechanism. The thesis presents a trusted cloud tenant isolation mechanism oriented to transparency and controllability requirements. It treats the transparency and controllability requirement as an information flow between different security domains in the cloud computing system: the internal policy and real-time running information of the tenant isolation mechanism are transferred from the cloud management platform security domain to the tenant security domain, which gives tenants a means to measure and verify the isolation mechanism. The thesis also proves the security and effectiveness of the proposed mechanism using information flow non-interference theory, further raising tenants' level of confidence in the cloud tenant isolation mechanism.
(4) A cloud desktop system, a typical cloud computing application, is implemented to validate and experiment with the methods proposed in the thesis. The trusted cloud desktop system is designed around three aspects: building a trusted virtual computing resource environment, a trusted application environment and a trusted tenant isolation environment. Detailed design ideas and implementation methods are given for each functional module, and the prototype system then undergoes security analysis and performance testing, which demonstrates its practical usability.
[Degree-granting institution]: Beijing Jiaotong University
[Degree level]: Doctoral
[Year degree granted]: 2017
[Classification number]: TP3
Article ID: 2191101
Article link: https://www.wllwen.com/shoufeilunwen/xxkjbs/2191101.html