论文信息 - Integrity Measurement Model Based on Trusted Virtual Platform

Integrity Measurement Model Based on Trusted Virtual Platform

A secure and trusted execution environment is a fundamental requirement for distributed network, so that the integrity of service provider platform should be verified prior to services’ distribution in order to assure that the platform is free from a malicious modification and attack. In this paper, we proposed an implementation of trusted execution environment based on the combination of trusted computing and virtualization technology. On the service provider’s platform, from the very beginning of Virtual Machine Monitor (VMM) was booted to the execution environment was set up, all of the platform status changes has been recorded into Platform Configuration Register (PCR) and reported to remote service requester, which make it sure about the trustworthy of the result. Furthermore, the VM image was leveraged to make the execution environment constructed more flexible. Analysis shows our method is efficient and secure.

Yulei Wang | Lihua Zhou | Gang Qiu

[1] Tal Garfinkel,et al. Terra: a virtual machine-based platform for trusted computing , 2003, SOSP '03.

[2] Xiaoxin Chen,et al. Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems , 2008, ASPLOS.

[3] Andrew Warfield,et al. Xen and the art of virtualization , 2003, SOSP '03.

[4] Stefan Berger,et al. Building a MAC-based security architecture for the Xen open-source hypervisor , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[5] Trent Jaeger,et al. Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.

[6] Peng Ning,et al. Managing security of virtual machine images in a cloud environment , 2009, CCSW '09.

[7] Trent Jaeger,et al. Attestation-based policy enforcement for remote access , 2004, CCS '04.

[8] Trent Jaeger,et al. PRIMA: policy-reduced integrity measurement architecture , 2006, SACMAT '06.

[9] Butler W. Lampson,et al. A Trusted Open Platform , 2003, Computer.

[10] Stefan Berger,et al. vTPM: Virtualizing the Trusted Platform Module , 2006, USENIX Security Symposium.