Research On Virtual Private Terminal Architecture And Its Key Technologies

Almost everyone has his own personal computer or smartphone as the internet age is flourishing.However,public computers,which are provided for use in public places,such as airports,hotels,net cafes,have different benefits of wide distribution,more powerful performance,bigger screen,not necessary to carry,etc.They are one kind of the necessary computing resources in this society because they can be used to solve urgent problems when people need them.When people are using these public computers,they might use them to check the mailbox,to access the online bank system,or even to deal with the financial transaction.These sensitive activities are highly demanding on the security of the computing platform and do not allow any malware to run that may leak sensitive information.Unfortunately,public computers are generally facing problems of overwhelmed malicious code,performance reduction caused by software redundancy,and lack of maintenance resulting from a large number of users.In this insecure computing environment,it is highly possible to leak information or even to divulge secrets if people perform tasks related to privacy,properties,and confidential information of workplace,seriously endangering people's interests.How to isolate a temporary virtual private computing platform,which is called virtual private terminal in this dissertation,from this kind of public computer is studied in this dissertation.Hence,people can securely perform the tasks just like they are using their own computer.The research result can be used to protect people's sensitive information from recording,carrying away or understanding.The strength of privacy preservation and data security can be improved.Based on the summary of the existing research,an architecture is proposed in this dissertation to build a trusted,pure,tamper-free computing environment that has a complete chain of trust from the underlying hardware to the top application layer.A protection framework to prevent leakage of sensitive data and confidential corporate data is designed in detail in three aspects of data storage,information input,and remote authentication.The main research contents and innovative points are as follows:(1)A virtual private terminal architecture that is premised on the trust of the bottom is proposed.Firstly,the security requirements that a virtual private terminal needs to meet is analyzed,including the root of trust,trust transition,isolation mechanism for application programs,platform security report for the remote authentication,etc.Secondly,the virtual private terminal architecture designed in this dissertation is introduced,which contains the motherboard firmware measurement and recovery,the trusted boot module and the operating system security enhancement.The aim of the architecture is to ensure that the virtual private terminal maintains a trusted state during the entire operating cycle from the start of the boot to the end of the shutdown.The trust in the firmware of underlying hardware and the boot module is the primary security premise for the system in the virtual private terminal architecture.The research content of operating system security enhancement is proposed based on the trust of the bottom,including process execution control,memory isolation,input device protection,data encapsulation and remote trusted authentication.Lastly,the security features of the architecture are analyzed.(2)Aiming at the feature that public computers have a large number of users,a data encapsulation model based on computing platform security attributes is presented,utilizing non-migratable keys in the trusted platform module to achieve data binding,which will never be derived from the chip.First,the specific procedure for data encapsulation is given:1)Proofs of TPM secret key stored in an USB key:The valid credential and secret key ID are required when the secret key in the TPM is used.2)External secret key encapsulated by TPM:External secret keys generated out of the TPM are encapsulated and stored in the USB key.3)Data cryptographic calculation executed in CPU:In the encryption/decryption process,the external secret key is extracted and decapsulated from the USB key and is loaded for data encryption/decryption operations in CPU.Second,what can be included in the platform attribute contents is introduced,such as installed operating system updates,processes integrity report and running state of the third-party security software.Lastly,a network access control module that uses TPM for policy encapsulation is designed.Any network access is limited according to the access policy when confidential data are in the unencapsulated state.Any tampering with the content of the policy will result in the thorough disconnection to protect data from leaking.(3)The keyboard protection framework of the virtual private terminal is proposed for the public computing environment.First,the existing attack methods for keyboard recording are summarized from the hardware and software aspects.Key points for keyboard recording implementation in the operating system kernel layer are listed in detail.Then,it is given that the protection framework is composed of three parts,trusted chain,password manager,and memory isolation module,latter two of which are focused on to provide the detailed design,implementation,analysis,and comparison.The password manager encrypts and stores the user's login credentials into the USB key.When it is required to input the username and the password in the browser,the password manager will prompt and help to enter the corresponding login credential after verifying the user's identity.Meanwhile,any malicious information stealing behavior will be blocked by the memory isolation module.(4)Several remote trusted authentication methods for public co;mputing environment are proposed in order to protect users' privacy and enterprises' data.When an insecure computing platform is used,possible harm can be caused during the authentication process or after the connection with enterprise intranet is established.Firstly,an authentication scheme based on computing platform security attributes is proposed after analyzing the possible harm made by the insecure platform.The implementation and analysis of the two solutions to protect both requestor's and verifier's privacy in the authentication procedure are described in detail,one is ABE algorithm based solution,the other is the solution combining with Bloom Filter structure and Paillier encryption algorithm.Secondly,the formal definition and proof of two kinds of the denial authentication scheme are presented.In addition,combining the partial denial authentication protocol with the identity-based signature algorithm on the elliptic curve,an efficient authentication scheme that can bring privacy protection effect to the requestor is also proposed.After the implementation of the scheme,the author analyzes the efficiency of verifying the platform attributes.In the end,a terminal security management framework is provided for the virtual private terminal when it has established the connection to the enterprise intranet using VPN,which can be used to monitor the public computer as a virtual enterprise dedicated computer.In conclusion,the dissertation has designed how to construct a virtual private terminal in the public computing environment from the aspects of underlying architecture of the system,data encapsulation,secure input and remote trusted authentication,so as to provide new ideas containing relevant key technologies to achieve users' privacy preservation and enterprises' data security when the public computers are chosen.