Research On Remote Attestation And Authentication Of Cloud Computing

Cloud computing will become the processor and memory and other physical resources through a certain technology to be able to provide users with the required computing resources, saving the cost of IT, and effectively improve the efficiency of the entire field of computing power. However, due to its ultra large scale, high dynamic and high openness, cloud computing, in addition to facing the common security issues, but also faces the security threats brought by these characteristics.As cloud computing security the first threshold, if can be safe and effective user authentication and cloud computing platform security authentication can control platform access is safety and prevent the platform data from unauthorized access, to ensure the confidentiality of user privacy. Remote attestation as to trusted platform of a validation technique, for cloud computing certification provides a train of thought, by binding to the idea of virtualization, can solve the cloud platform security measure, for the user to choose safe and reliable service to provide strategies and guidance.The thesis studies the remote attestation of cloud computing based on the attribute and behavior. In the direction of researching property based remote attestation, the module attribute is used as the research granularity, and the TPM framework is used to form a remote attestation authentication model based on the attribute of the cloud, and the security analysis is carried out. In addition, the cache processing is done in the process of verifying the attribute certificate, which reduces the frequency of the signature, and improves the efficiency. Based on the behavior of remote attestation research direction, this paper from the point of view of the trust chain of from the boot loading, to the operation of Guest OS, to the operation of the system behavior measurement and certification, the dynamic behavior of the system detection and measurement, and a detailed study of the measurement reference list generation mechanism and real-time measurement and monitoring mechanism.