Research On The Trust Chain Model With Waterfall Characteristic And Its Analysis Methods Of The Trusted Virtualization Platform

Posted on: 2019-09-10  Degree: Master  Type: Thesis
Country: China  Candidate: N Qi  Full Text: PDF
GTID: 2428330545476070  Subject: Information security
Abstract/Summary:
The trusted virtual platform, built by combining virtualization technology with trusted computing, and its trust chain have become a key research focus. At present, however, most work constructs the trust chain by extending the conventional trust chain model. As a result, the model is not precise and its logic is not completely sound. Moreover, two separate trust chains exist: one starts from the underlying virtual platform, and the other starts from the top-level user virtual machine. In addition, the current non-interference formal method defines an action only as belonging to a domain, while elements that matter in the cloud environment, such as the subject of a system action, are not defined. It is therefore not fully applicable to the trust chain model in a cloud computing environment.

To solve this problem, this paper proposes a trusted virtual platform with a waterfall characteristic. The platform adds a trusted joint point, built mainly from a virtual mechanism module, a virtual trusted platform module (vTPM) build module, and a module that binds the virtual machine to its vTPM. When the trusted virtual platform starts, the trusted joint point not only takes part in the static measurement of the underlying virtualization platform, but also acts as the virtual root of trust for dynamic measurement when a virtual machine and its virtual trusted module are launched. Within the trusted virtual platform, the trusted joint point has a waterfall feature: it forms a connecting link in which the output of starting the underlying virtualization platform becomes the input to the measurement of virtual machine startup, like the waterfall model in software design.

The paper then builds the trust chain model on this trusted virtual platform. The model starts from the physical TPM and adds a Trusted-Joint Point (TJP) between the chain of the underlying virtual platform and the chain of the top-level user VM. After the trust chain is passed from the underlying virtual platform to the TJP, the TJP measures the vTPM for the VM; the vTPM then takes control and measures the related components and applications of the top-level user VM during startup. The TJP, with its waterfall characteristic, can be viewed as a connecting link between the underlying virtual platform and the top-level user VM. It satisfies the hierarchical and dynamic characteristics of the virtual platform and guarantees the trust of the whole virtual platform. The trusted virtual platform is implemented on the Xen platform, and experimental results on Xen show that this trust chain transfer method can keep the trusted virtualization environment safe and reliable throughout its operation.

The paper then proves the security of the trust chain model through formal analysis using security system logic. The analysis mainly covers the underlying physical platform and the trusted joint point, as well as level validation and remote attestation in the form of local analysis. All of these prove the reliability and security of the trust chain model.

Finally, the paper proposes a formal method for the trust chain based on an extension of non-interference theory. Existing non-interference theory does not give a detailed account of the subject of a security domain, the actions, the security domain of an action, or the influence on system state while the cloud environment is running. The paper extends non-interference theory in detail on points such as which security domain a subject and an action belong to, defines an intransitive non-interference security theorem for the cloud computing environment, and verifies non-interference on an instance that combines the virtual platform with the trusted trust chain.
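The waterfall link described in the abstract can be illustrated with a small simulation. This is an added example, not code from the thesis: the component names are constructed stand-ins, SHA-256 extend is used as the measurement operation, and seeding the vTPM chain with the platform chain's output is an assumption about how the TJP passes trust upward.

```python
import hashlib

ZERO = bytes(32)  # reset value of a PCR

def extend(pcr, component):
    """TPM-style extend: new = SHA-256(old || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_chain(pcr, components):
    """Extend the register with each component in boot order."""
    for c in components:
        pcr = extend(pcr, c)
    return pcr

# Constructed stand-ins for the measured images (not from the thesis).
PLATFORM = [b"bios", b"bootloader", b"xen", b"dom0-kernel"]
TJP = [b"virtual-mechanism-module", b"vtpm-build-module",
       b"vm-vtpm-binding-module"]
VTPM = b"vtpm-instance"
VM = [b"guest-kernel", b"guest-app"]

def boot(platform, tjp, vtpm, vm, joined=True):
    """Return (physical TPM PCR, vTPM PCR) after a simulated start-up."""
    # Static measurement rooted in the physical TPM covers platform and TJP.
    ptpm = measure_chain(ZERO, platform + tjp)
    # Assumption: the TJP seeds the vTPM chain with the platform chain's
    # output; joined=False models two separate chains, each starting at zero.
    seed = ptpm if joined else ZERO
    # The TJP measures the vTPM, then the vTPM measures the VM's components.
    vpcr = measure_chain(extend(seed, vtpm), vm)
    return ptpm, vpcr

def vm_detects_platform_tamper(joined):
    """Does the VM-level value change when only the hypervisor is modified?"""
    good = boot(PLATFORM, TJP, VTPM, VM, joined)
    bad_platform = [b"bios", b"bootloader", b"xen-modified", b"dom0-kernel"]
    bad = boot(bad_platform, TJP, VTPM, VM, joined)
    return good[1] != bad[1]

if __name__ == "__main__":
    print("joined chain detects:", vm_detects_platform_tamper(True))
    print("separate chains detect:", vm_detects_platform_tamper(False))
```

With two separate chains, a verifier that checks only the VM-level value sees nothing when the hypervisor changes; with the joint point, the same change propagates into the vTPM value.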
Keywords/Search Tags:trusted computing, cloud computing, trusted chain, no interference theory, logic of safety system