
Research On Model Of Full Disk Encryption Based On Trusted Virtual Machine

Posted on: 2012-09-18
Degree: Master
Type: Thesis
Country: China
Candidate: M Liang
GTID: 2218330371462618
Subject: Computer application technology
Abstract/Summary:
Encrypted storage technology can solve the security problem of information storage. However, traditional encryption software focuses on the static security of information at rest in the storage medium and neglects temporary copies of secret information, such as the system hibernation file, page file and temporary files, which are generated while the user accesses the data. Full disk encryption technology protects information more comprehensively. But existing full disk encryption products have some problems: each product supports only a few operating systems, which limits its scope of use; and the program used for system booting is stored in plaintext, which leaves security threats, so they are not full disk encryption in the strict sense.

This thesis makes an in-depth study of the problems mentioned above and presents a model of full disk encryption based on a trusted virtual machine. The main contributions are as follows:

(1) To address the shortcomings of existing full disk encryption products, this thesis proposes a model of full disk encryption based on a trusted virtual machine. To secure the virtualization layer, the model constructs a trusted virtualization environment using trusted computing technology to ensure the security and credibility of the encryption and decryption environment. In this model, all data written to disk, including temporary files generated by the guest operating system, is encrypted before it is stored. It is full disk encryption in the strict sense. Compared with existing encryption systems, the model has wider applicability.

(2) The TPM is the core of ensuring the security of full disk encryption. To address security vulnerabilities of the TPM object access authorization protocol in the virtual environment, this thesis proposes a new object access authorization protocol to replace the original OIAP and OSAP. It allows authorization data to be shared among virtual domains without the possibility of an impersonation attack. In addition, the security of the protocol is proved using BAN logic.

(3) A key recovery scheme based on Shamir secret sharing and blind signatures is proposed in this thesis. This scheme allows only the users who have the right to know the secret to recover the main key. It does not allow administrators to use their highest administrative rights to recover the user key and access confidential information that they do not have the privilege to know. This effectively prevents unauthorized access to secret information.
Keywords/Search Tags:Full Disk Encryption, Trusted Virtual Machine, XEN, Object Access Authorization Protocol, Key Recovery