Research On Trust Of Virtual Machine In Cloud Platform Based On Trusted Root Server

Cloud computing uses virtualization technology to complete the encapsulation of the underlying resources,and provides the user with the virtual machine.The security of virtual machine directly affects the user's data security.Therefore,the security problem of virtual machine has become a hot issue.Trusted computing platform is an effective means to solve cloud security issues,the current solution is mainly based on XEN,to ensure the safety of the virtual domain through the virtual trusted chip,but this approach has some disadvantages: firstly,the cloud computing platform functions become more complex,increasing cloud computing burden,put forward a a challenge to the performance of the cloud computing platform,the second migration issues in the virtual domain have produced great difficulties.In order to solve the above problems.We can migrate the virtual domain's trusted function and focus on the trusted root server to manage it.At the same time,the trusted root server can also be used for multiple cloud computing platforms.This not only reduces the burden of the cloud computing platform but also saves resources.The basic purpose of trusted root server is to guarantee the security of the virtual domain of the cloud computing platform.It is an important problem that how to use the trusted root server to guarantee the security of virtual domain in the virtual domain,The trusted root server provides trusted protection for the virtual domain of the cloud computing platform through the implementation of trusted chip virtualization,In order to realize the virtual domain of cloud computing platform to access the trusted root server,The important point is to provide a unified interface at the end of the cloud computing platform,which requires the design of trusted root server proxy module in the cloud computing platform,and then shielding trusted root server virtualization scheme,we call this module trusted agent.In this paper,we design and implement the trusted agent architecture based on the Xen virtualization platform,and study the method to realize the virtual domain trust chain with the help of trusted root server.Firstly,the architecture of trusted agent is designed,all the connections to the cloud computing platform and trusted root server employee trusted agent module to deal with.including cloud computing virtual domain establish a connection with trusted root server?the virtual domain corresponds to the establishment of virtual trusted devices and the virtual domain trusted command encapsulation and forwarding,Each part of the trusted agent module is introduced in detail..Secondly,this paper introduces how the trusted root server handles the request of trusted proxy module.Thirdly,the bootstrap process of virtual domain is measured by analyzing the guiding process of virtual domain and key files.Then,it analyzes the startup process of the virtual domain and the key file.Finally,the function of each module of the trusted agent architecture is implemented and verified.The test results show that the design achieves the expected goal.Using trusted agent module and trusted root server to build the virtual domain trust chain to ensure the security and reliability of virtual domain.The trusted agent module is proposed in this paper can guarantee safe and reliable function of the virtual domain,the trust protection function of virtual domain is focused on the trusted agent module,make a clear division of labor and the trusted agent module of trusted trusted root server is a very good package,the virtual domain cannot access the trusted root equipment casually.To protect the security of the virtual domain to reduce the burden of cloud computing platform provides a new idea.