A Study Of Secure Virtualization Technology Based On Trusted Computing

Posted on: 2015-03-22
Degree: Master
Type: Thesis
Country: China
Candidate: H L Chen
GTID: 2308330464968674
Subject: Communication and Information System

Abstract/Summary:
Virtualization is the core technology of cloud computing. With the development of cloud computing and the large-scale deployment of virtualization technology, profound changes have taken place in traditional IT infrastructure, including scalability, high availability, load balancing, and improved resource utilization. However, while virtualization technology improves scale and efficiency, it also brings safety and security problems, and traditional methods are not fully applicable to the virtual environment in the cloud. As more and more users adopt IT architectures based on cloud-computing deployment, there is an urgent need for a new technical scheme to solve the security problems of virtualization in the cloud environment. Trusted computing is a security technology for information systems, covering trusted hardware, trusted software, trusted networks, and trusted computing applications. Applying trusted computing technology reliably to the new environment of virtualization, so as to ensure the integrity and trustworthiness of the virtual machine, has become an important method for solving virtualization security.

This paper applies traditional trusted computing technology to the virtualization environment. Based on the properties of trust chain transfer in a virtual platform, a trusted measurement scheme that meets the trusted computing specification is given, thus ensuring that the virtual environment of cloud computing is safe and reliable. First, the characteristics of the virtual platform are analyzed, and the virtual platform is divided into the host physical layer, the virtual machine manager layer, and the virtual machine layer. Then, key components based on trusted computing are designed for each layer, together with the transfer of the trust relationship between the components of the chain of trust. In accordance with the "first measurement, then implementation" approach, each level measures the next and each level trusts the next, until the trust chain reaches the virtual machine, ensuring the safety of the trusted virtual machine. The final part is the design of a remote attestation scenario for the trusted virtualization platform, in which the virtual TPM state is combined with the host TPM state to provide the verifier with a more comprehensive platform state. Last, a prototype of the virtual trusted platform is implemented based on KVM virtualization technology, and the key parts of the system are verified. Experimental results show that trusted measurement and execution, trust chain transfer, and platform state attestation effectively reflect and protect the security of the virtualization platform.

The paper has a certain theoretical and practical significance for solving virtualization security issues and for broadening the application scope of trusted computing technology. This paper also has some shortcomings. The next step of the research will focus on improving the efficiency of trusted computing in virtualized environments and on designing a dynamic migration method for the virtual domain trust root...
Keywords/Search Tags:Cloud Computing, Virtualization, Trusted Computing, Virtualization Security, Chain of Trust