IaaS云虚拟机eID可信验证系统

为了解决云计算模式下数据与计算迁移造成的用户与云之间的互可信问题,从硬件平台、用户身份和用户行为多个维度,研究并设计了IaaS云虚拟机(eID)可信验证系统. 硬件平台采用可信第三方架构,采用全国唯一的公民网络电子身份eID标识用户身份,建立诚信记录,评估用户行为. 通过用户身份可信性验证、虚拟机可信性验证等4个阶段,有效解决了用户与云之间的互可信问题. 实验结果表明,该系统可抵御常见攻击方式,安全性高,且其计算时间复杂度在可接受范围内.

Research on eID-Based Virtual Machine Trusted Attestation System in IaaS Cloud

In cloud computing, the data and computation migration gives rise to trust problems between the user and the cloud. Including the hardware platform, the multiple dimensions method was studied, as well as the user identity and behavior. The electronic identity (eID)-based virtual machine trusted attestation system in infrastructure-as-a-service (IaaS) cloud was designed. The hardware platform was used for trust third party architecture. The citizen's network eID was used as users unique authoritative identity. The credit records were also applied to evaluate the user's behaviors. Four steps were adopted to solve the trust problem between two sides, including trusted attestation of the user identification and trusted attestation of the virtual machine. Experiment analysis shows that this system can defend common attacks, it is more safety, and the time complexity is within acceptable limitations.