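Virtual Machine Security Protocols Based on the Trusted Platform Module |
| |
Authors: | LIU Qian, LUO Yuan, WENG Chu-liang, LI Ming-lu |
| |
Affiliation: | Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240 |
| |
Funding: | National Key Basic Research Program of China (973 Program) project "Research on Basic Theory and Methods of Computing System Virtualization" [2007CB310900] |
| |
Abstract: | Access control is a commonly used means of securing communication between virtual machines. However, access control is limited in both flexibility and scalability. To overcome this limitation, this paper proposes a suite of security protocols for virtual machine systems. The protocols use the trusted platform module as the root of trust and establish a trust path from the underlying hardware up to the applications in the virtual machines, thereby effectively and securely implementing key and certificate issuance, identity authentication, confidential communication between virtual machines, and key and certificate renewal. In addition, the paper successfully implements this suite of security protocols in Xen.
|
Keywords: | virtual machine; security protocol; identity authentication; trusted platform module |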
Security protocols based on trusted platform module for virtual machine system |
| |
Authors: | LIU Qian, LUO Yuan, WENG Chu-liang, LI Ming-lu |
| |
Affiliation: | LIU Qian, LUO Yuan, WENG Chu-liang, LI Ming-lu (Computer Science & Engineering Department, Shanghai Jiao Tong University, Shanghai 200240, China) |
| |
Abstract: | Access control is a widely used way to guarantee the security of communication between virtual machines (VMs). But it is limited in flexibility and scalability. To overcome this limitation, this paper proposes a suite of security protocols for virtual machine systems. These security protocols establish a trusted path from the underlying hardware to applications in VMs by using the trusted platform module (TPM) as the root of trust. As a result, security functions, including granting key and certificate, identity authenticat... |
| |
Keywords: | virtual machine; security protocol; identity authentication; trusted platform module |
This article is indexed in CNKI, VIP (维普), Wanfang Data (万方数据), and other databases. |
|