Remote Attestation For Trusted Cloud Platform

Posted on: 2012-02-10, Degree: Master, Type: Thesis
Country: China, Candidate: W L Ma, Full Text: PDF
GTID: 2178330332490723, Subject: Computer application technology
Abstract/Summary:
In recent years, more and more computer users have tended to keep their work documents, favorite texts, and even personal photos on a network hard drive. In their view, as long as a network is available, they can upload and download what they need at any time. Large network disks and ubiquitous network interfaces conveniently replace portable disks. Major network service vendors, which have introduced a variety of personal network storage and computing services, are happy to meet this trend, and have subsequently built many data storage centers and computing centers. Out of this trend, cloud computing came into being. Cloud computing is a new Internet application model that integrates data centers in different areas to form a cloud computing platform with larger capacity and faster computation.

Users enjoy the convenience brought by the cloud, but also worry about the problems it brings. For important data stored on a network hard drive, users are concerned not only that it will be intercepted or tampered with during upload and download, but also that an attacker will collude with the network service vendor to steal it. More and more security problems have hindered the development of cloud computing. According to the sustained research of professors and scholars of cloud computing security, using trusted technology on the cloud platform is the best way; it turns the cloud platform into a trusted cloud platform. Trusted computing is a hardware security technology that implants a trusted root in the computer BIOS and uses a trusted chain mechanism to extend the range of trust from the trusted root to the entire platform. Trusted technology is a safeguard of cloud platform security.

One important aspect of trusted cloud platform security is remote attestation of the platform. Current remote attestation schemes, in which the work is completed by the authentication server, use security attributes and platform number information as the identity. If this identity information is intercepted by attackers, the shortcoming of remote attestation is that it exposes not only the platform's privacy but also the platform's location, which puts the platform at risk of targeted attacks. With privacy and anonymity of increasing concern, this is obviously not acceptable to users. As the number of users increases, the authentication server's workload has increased and become the bottleneck of remote attestation.

In summary, this paper presents a trusted ring signature scheme for remote attestation. It uses trusted technology and combines the platform itself with many other trusted platforms to form the ring identity information, which is provided to users. Attackers who intercept the ring identity information cannot analyze the location of the platform or the platform's privacy. This scheme can ensure the security of the platform. Most of the work is completed by the platform itself; the authentication server need only store and provide all identity information in the ring, not manipulate it. It is concluded that remote attestation with a trusted ring signature can ensure the anonymity of the platform and solve the authentication server's overload problem.

This paper implements the cloud platform using the open-source software Eucalyptus, and implements the trusted ring signature using the programmable IPsec protocol suite. Experiments show that the trusted ring signature can be implemented efficiently on the cloud platform, and can ensure anonymity and reduce the burden on the authentication server.
Keywords/Search Tags: Cloud computing, Trusted cloud platform, Remote attestation, Anonymity, Trusted ring signature