| 云计算环境下可信虚拟机管理模型 |
| |
| 引用本文: | 周振吉,吴礼发,洪 征,赖海光,郑成辉. 云计算环境下可信虚拟机管理模型[J]. 通信学报, 2014, 35(Z2): 13-105. DOI: 10.3969/j.issn.1000-436x.2014.z2.013 |
| |
| 作者姓名: | 周振吉 吴礼发 洪 征 赖海光 郑成辉 |
| |
| 作者单位: | 解放军理工大学 指挥信息系统学院,江苏 南京210007 |
| |
| 基金项目: | 江苏省自然科学基金资助项目(BK2011115, BK20131069) |
| |
| 摘 要: | 为了解决云计算环境下虚拟机管理存在的管理域特权过于集中和用户策略易被恶意篡改等问题,提出了一种可信虚拟机管理模型。模型首先对虚拟机管理域进行了细粒度的划分,赋予管理员和用户不同的管理特权,防止管理员随意访问用户的数据;利用可信计算技术建立可信通道分发用户策略,防止管理员恶意篡改用户策略。安全性分析与实验测试表明,该模型可以有效保护用户数据和用户策略的安全性。
|
| 关 键 词: | 云计算;可信计算;虚拟机管理 |
| 收稿时间: | 2014-07-01 |
Trusted virtual machine management model for cloud computing |
| |
| Zhen-ji ZHOU,Li-fa WU,Zheng HONG,Hai-guang LAI,Cheng-hui ZHENG. Trusted virtual machine management model for cloud computing[J]. Journal on Communications, 2014, 35(Z2): 13-105. DOI: 10.3969/j.issn.1000-436x.2014.z2.013 |
| |
| Authors: | Zhen-ji ZHOU Li-fa WU Zheng HONG Hai-guang LAI Cheng-hui ZHENG |
| |
| Affiliation: | Institute of Command Information System,PLA University of Science and Technology,Nanjing 210007,China |
| |
| Abstract: | For virtual machine in cloud computing, the authorization of manager domain is too centralized to be secure, and the strategies of tenants can be easily falsified. In view of the two problems, a trusted virtual machine management Model for cloud computing infrastructure is proposed. The model provides fine grained manager domain of virtual machine in which both managers and tenants are strictly constrained when they operate on other tenant domains. The sensitive code and data in tenant virtual machine cannot be accessed or falsified without permission. The model creates a trustable tunnel between tenant and system domain, and distributes tenant strategies using the tunnel in a secure way. Security analysis and experimental results show the model ensures the security of tenant data and tenant strategies effectively. |
| |
| Keywords: | cloud computing trusted computing virtual machine management |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
