| Cloud computing is the technology which is very popular in the field of academic and industry nowadays. The advantage of cloud computing, including allocating resources on demand, good dynamic scalability, high efficiency of resource utilization and green computing has attracted the attentions of a lot of people. In cloud computing, the data of tenants is stored in Cloud Service Providers (CSP) and the CSP is responsible for the safety calculation and safety storage of data. Because the tenants lost the control of their data, some security issues of cloud computing such as how to prevent CSP’s malicious administrators to peep at the data of the tenants, how to prevent unauthorized tenants of the illegal access and how to make the tenants trust CSP have become the hinder to the development of cloud computing.Because of the distrust for CSP, more and more enterprises begin to build private cloud environment themselves. Private cloud refers to the enterprises build the infrastructure of cloud computing themselves and the tenants of the private cloud are its internal staff and external customers. The company has the autonomous right of the infrastructure of the private cloud. So it can improve the service on its own demand and carry on the independent innovation as well. Compare with public cloud, private cloud has avoided a lot of security risks. But it still has many problem of security, especially how to build and maintain a safe and trusted private cloud.In recent years, more and more people begin to pay attention to the technology of trusted computing. Trusted computing reflects the overall safety, from the inside out and changes passive defense to active defense. At present, the design of security model which is combined trusted computing with cloud computing is a hot research branch and Terra, TCCP and vTPM are the popular models. Although these model solve some problem of the cloud security, there are still some deficiencies and these models cannot be good for private cloud environment.In this paper, we propose a trusted private cloud model based on the centralized measurement and storage. The model is designed for Infrastructure as a Service (IaaS). It can build a trusted platform module of private cloud (PC-TPM) to build a trusted private cloud. PC-TPM is composed of several hosts with TPM chips and it is responsible for the centralized measurement and centralized storage of measure value and related keys. The advantage of the model is making the responsibility of trusted measurement and trusted storage centralize to a specific trusted host group which makes the responsibility of the hosts which offer the service of virtualization clear and single. The paper designed the various modules in PC-TPM, designed the internal communication mechanism of PC-TPM and designed the communication mechanism between PC-TPM and the hosts which offer the service of virtualization. So the model is a relatively complete trusted private cloud model.In the paper, we put forward a trusted private cloud model (TPCM) based on the centralized measurement and storage. It provides a new train of thought about how to combine trusted computing with cloud computing and it is good for the study of others. |
PDF Full Text Request