The Design And Implementation Of Trust Verification Server's Trust Service Module

With the popularization and opening of Internet,the business data increases hugely,which promote enormous development of the Cloud Computing.It also has been increasingly widely applied,such as the Cloud of Storage,Cloud of Things,Cloud of Games,etc.Cloud computing is now and will always continue to welcome another burst home and abroad.However,the customer wonder if it is secure to use the cloud,as the frequent security issue recent years.Cloud security has become the key issue for user of all walks of life.The Trust Computing represented by TPM provide a new approach to solve the problem proposed above.Trust computing by configuring security enhanced hardware components for the platform,change the platform to a trust computing environment.On one hand,it solves the problem that just relay on software to achieve security.On the other hand,every operation,including computing and storage,is controllable,esoteric and authenticity in the trust computing environment.Our paper provide a new solution to implement the cloud servers security,based on the Trust Platform Module.Base on the Linux Operation System,we study the TPM2.0 specification,which provided by the Trust Computing Group,design and implement a Trust Validation Server,TVS for short.The TVS configures with the TPM chip as the root of trust,and provide trust services for the requesting servers.According the security characters,our Trust Service Module include two key sub module,the Trust Key Module and the Trust NV Storage Module.The first module is response for getting keys,managing keys,encrypt data and decrypt data,etc.The second module is response for store some sensitive information,such as the private module of the asymmetrical secret key,etc.On the one hand,the security function has been realized in the hardware ship;On the other hand,the information stored in the NV space cannot be access by free.This provided guarantee for the trust security system and security communication.This paper design all the functions of the Trust Service Module and implement it.Then increase the thread pool to solve the received request form the ordinary serves,to improve the performance.We build the test environment based on the TPM Emulator,and then start several VM simulating the servers,and sent the request to TVS to test the performance and function of the system.The test result indicate that the TVS can work normally,and after increasing the thread pool,the service performance improved significantly.