CN103139221A - Dependable virtual platform and construction method thereof, data migration method among platforms - Google Patents
Dependable virtual platform and construction method thereof, data migration method among platforms Download PDFInfo
- Publication number
- CN103139221A CN103139221A CN2013100726574A CN201310072657A CN103139221A CN 103139221 A CN103139221 A CN 103139221A CN 2013100726574 A CN2013100726574 A CN 2013100726574A CN 201310072657 A CN201310072657 A CN 201310072657A CN 103139221 A CN103139221 A CN 103139221A
- Authority
- CN
- China
- Prior art keywords
- domain
- platform
- tsd
- credible
- migration
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a dependable virtual platform and a construction method thereof, a data migration method among platforms. The dependable virtual platform comprises a hardware security chip, a virtual machine monitor (VMM), an administrative domain, a user domain and a dependable serving domain (TSD), wherein an expanded trust chain is used by the TSD for users to establish dependable operating environment. The construction method includes: building the TSD; then establishing secure communication mechanisms between the managing domain and the TSD and between the managing domain and a domestic user domain; accomplishing calls of security application of the user domain to a dependable function by the user domain through interaction with the managing domain, accomplishing transmission and treatments of dependable orders by the managing domain through the interaction of the TSD; interacting a source platform migration engine and a goal platform migration engine; migrating migration data which is produced and based on the hardware security chip and the TSD to a goal platform, and recovering data on the goal platform, accomplishing quick migration of the TSD and a virtual machine. The dependable virtual platform and the construction method thereof, the data migration method among platforms are capable of improving safety of dependable service and providing flexible operation and deployment mechanisms for the platforms.
Description
Technical field
The present invention relates to a kind of credible virtual platform and construction method thereof, especially relate to data migration method between a kind of credible virtual platform based on credible service-domain and construction method thereof, platform, belong to field of information security technology.
Background technology
At present, take fast development and the application of Intel Virtualization Technology as the cloud service on basis, make virtual platform further be promoted, use, its safety problem also becomes the focus that the user pays close attention to.Take Intel Virtualization Technology in the novel computing environment that supports (Infrastructure as a Service for example, facility is namely served the IaaS cloud), resource and service are that the mode with virtual machine provides, the user has lost the control to its data, can't implement safety management as using local resource, can not guarantee the reliable of its geodata and services.Simultaneously, virtual platform utilizes its isolation characteristic to support a plurality of virtual machines of concurrent running, with saving operation cost of enterprises, the raising level of resources utilization, but numerous attacks for this characteristic also occurred, causes the privacy of user data to be revealed.Therefore, need the credible running environment Construct question of solution virtual platform badly.Reliable computing technology is based on hardware security chip TPM (Trusted Platform Module, credible platform module), by setting up the trust chain from the bottom hardware to the upper level applications, and utilize credible tolerance and remote proving mechanism to trust proof for the outside provides, be the credible running environment of user's construction platform.
Therefore, utilizing reliable computing technology to build the credible running environment of virtual platform is the focus of studying at present.Consider the particularity of virtual platform framework concurrent running multiple operating system example, need to provide trust service for each user domain, therefore must realize the virtual of root of trust, use the problem of conflict to avoid hardware root of trust resource, set up on this basis the binding relationship between virtual root of trust and hardware root of trust, and utilize existing trusted computer system to build the credible virtual platform.For different safety applications demands, the specific implementation of credible virtual platform may be varied.Zurich, SUI technical tie-up research institute proposes and has realized TPM simulator TPM emulator, has realized most of function of the credible chip of TPM with software form, for the virtual of TPM laid a good foundation.Afterwards, IBM proposes credible virtual platform implementation, virtual root of trust vTPM is implemented in the virtual platform management domain, at first based on the trust chain of hardware root of trust foundation from bottom hardware to virtual root of trust, then utilize virtual root of trust to provide independently root of trust example for a plurality of user virtual machine, build complete credible virtual platform, and provide the scheme of vTPM migration and platform remote proving.Bochum, Germany Rule university is optimized the proof scheme based on vTPM on this basis, proposes vTPM based on attribute to improve the efficient of credible virtual platform remote proving.The research institutions such as domestic Wuhan University, Beijing University of Technology have also proposed many prioritization schemes for the credible virtual platform construction, mainly consider the aspects such as mapping relations between virtual root of trust and hardware root of trust and platform application.
Yet the construction method of existing credible virtual platform can't adapt to the demand of large-scale application in novel computing environment (as cloud computing), mainly has the following disadvantages:
1, the operation and maintenance of virtual root of trust causes platform possibility under fire constantly to increase.Existing method uses the managing process in this territory to be responsible for whole virtual root of trust trusted function scheduling and operation mainly based on XEN virtual platform privilege management territory.Owing to moving numerous finger daemons in management domain, because the operation maintenance of virtual root of trust makes the size of code of management domain constantly increase, its function is also more complicated, causes its possibility under fire to increase.
2, in existing method, vTPM binds by force with management domain, makes the credible virtual platform be difficult for rapid deployment with the excessive coupling of management domain and function is moved.Existing credible virtual platform scheme is overly dependent upon management domain, but has increased the deployment difficulty of telecommunications services in the mass computing environment, also can't satisfy these environment to the demand of trusted function fast transferring.
Summary of the invention
The present invention will solve is that in existing credible virtual platform construction method, the management domain size of code constantly increases and depends on management domain unduly and cause under fire that possibility increases, be difficult for disposing flexibly the problem with fast transferring.For this reason, the invention provides a cover based on data migration method between the credible virtual platform of credible service-domain TSD (Trusted Service Domain) and construction method thereof, platform.The present invention by arrange one independently credible service-domain TSD (being virtual machine) provide virtual root of trust for concurrent user's virtual Domain, rather than a program in the management domain in known method, therefore make the credible virtual platform be easy to dispose, be convenient to operation and migration; Simultaneously because the TSD function singleness, and be independent domains, but the fail safe of isolation mech isolation test raising telecommunications services between the territory that so just can provide based on virtual platform.
The credible virtual platform that the present invention relates to relates to following primary clustering: hardware security chip, monitor of virtual machine VMM (Virtual Machine Monitor), management domain, credible service-domain, domestic consumer territory.Wherein, the hardware security chip is used for providing hardware to trust, VMM and management domain are responsible for resource under virtual platform is distributed, and isolation and data communication between responsible territory, and credible service-domain is used to concurrent user territory (being the domestic consumer territory) that virtual root of trust is provided.
Credible virtual platform construction method and the platform data moving method based on credible service-domain that the present invention relates to are:
1, build credible service-domain, and based on the expansion trust chain of hardware security chip foundation from the virtual platform bottom hardware to TSD, then utilize TSD to set up credible running environment for user domain;
2, set up secure communication mechanism between management domain and TSD, management domain and domestic consumer territory, user domain is by completing alternately its safety applications to the calling of trusted function with management domain, management domain by with the transmission of completing alternately trusted commands and the processing of TSD;
3, source platform migration engine and target platform migration engine are mutual, will migrate to target platform based on the migration data of safety chip and TSD generation, and recover data on target platform, complete the fast transferring of TSD and virtual machine.
Wherein, the implementation method of step 1 mainly comprises:
(1), create and move a lightweight micro-kernel territory on virtual platform, wherein compilation run TPM Emulator, build credible service-domain TSD; TSD sets up independently key structure tree for each user domain, and where necessary, utilize the certificate of the platform identity key A IK ' (Attestation Identification Key) of local privacy certification authority (CA) PCA (Local Privacy Certification Authority) application relative users virtual machine (being user domain), the trust external with the completing user virtual machine proves;
(2), on basic trust chain (CRTM → BIOS → VMM → DOM0 kernel) basis, build the expansion trust chain of CRTM → BIOS → VMM → DOM0kernel → TSD, ensure the credible operation of credible service-domain; The expansion trust chain is built jointly by VMM and management domain.Wherein CRTM (Core Root of Trust for Measurement) is core tolerance root, and BIOS is startup self-detection and system's initial start-up routine, and VMM is monitor of virtual machine, is the kernel of management domain Dom0 at last;
(3), management domain utilizes TSD to build trust chain TSD → INIT → BIOS → OS → APPs for the domestic consumer territory, wherein, INIT is that initial (INITial) loading procedure BIOS implication of user virtual machine is the same, and OS is the operating system nucleus of user virtual machine, and APPs is user application.
Secure communication between management domain dom0 and user domain, management domain and TSD, the main method of employing is:
(1) initialization connects
1) after starting, TSD → management domain: TSD initiatively initiates the connection request bag with management domain, comprising information such as the size of current TSD domain identifier ID, required shared page and quantity;
2) management domain → TSD: according to the basic parameter in request bag, distribute respective resources and return to the condition responsive of successful connection, set up TSD and be connected with the initial communication of management domain;
3) user domain → management domain: after user domain starts, initiatively to the management domain registration, log-on message comprises the information such as active user's domain identifier, required shared page size and number of pages;
4) management domain → user domain: at first management domain determines that own and TSD connects, judge that user domain ID is whether less than the territory ID of TSD, if (True) set up and being connected of user domain, and the request of data instruction of wait user domain, set up failure and notify user domain otherwise connect.
(2) the data interaction stage
5) user domain → management domain: but user domain upper strata safety applications is called this locality telecommunications services, sends the trusted function command packet to management domain, comprising user domain sign, command type, command context etc.; But this locality telecommunications services is provided by management domain, and main being responsible for receives from the request on upper strata and communicate by letter with management domain.
6) management domain → TSD: management domain resolve command type, if the operation (as data encapsulation/deblocking, encrypt/decrypt, signature/sign test etc.) of local platform inside is forwarded to order TSD; If to outside platform operations (externally proving as user domain), by management domain by mutual with TSD and bottom TPM, directly process this command request;
7) TSD → management domain: the TSD processing command also returns to its execution result;
8) management domain → user domain: management domain identifies according to user domain, result is returned be forwarded to user domain, completes command process.
In above-mentioned communication process, user domain can only be mutual with management domain, just can be forwarded to TSD after the message in disabled user territory must be checked by management domain, thereby further strengthen the fail safe of TSD.
The quick migration method of credible virtual platform provided by the invention is as follows:
(1), source platform initiatively initiates migration request, wherein comprise random number r
S, information such as migration type etc. signature, and with the public key encryption of target platform;
(2), target platform receives migration request, certifying signature also obtains random number r
S, distribute corresponding resource according to the migration type:
1), single be user domain when migration, only need to create new virtual root of trust example in the existing credible service-domain of this platform, and create empty virtual machine instance, for the example that is about to migration provides operation resource (internal memory, file system etc.);
2), when all use user domain (the being user VMs) migration of TSD, target platform need to create the empty virtual machine instance consistent with source platform quantity, and be the migration distribution resource requirement of TSD;
(3), target platform generates the random number r of oneself
DAnd with source platform random number r
SReturn to together source platform, confirm that migration connects foundation;
(4), source platform collects information needed, comprises credible service-domain to be migrated (example) and user virtual machine mirror image, with itself and both sides' random number (r
S, r
D) together as data to be migrated, after the generating messages summary, utilize K
MSend to target platform after encryption.Wherein, the symmetric key K that is used for enciphered data
MGenerated by the source platform migration engine, and the transportable key K of using TPM to provide
TPMProtection;
(5), target platform utilizes TPM key migration mechanism with the transportable key K of source platform
TPMImport, the migration data that deciphering is received, after checking eap-message digest and random number success, the source VM (being the user domain of source platform) that the deletion of notification source platform is had moved and corresponding TSD
S(or example);
(6), after target platform receives the order of source data deletion, loads new TSD (or example), and the operation of recovery user virtual machine.
Another object of the present invention is to provide a credible virtual plateform system, its chief component comprises: monitor of virtual machine VMM, three kinds of functional domains (management domain, credible service-domain, domestic consumer territory) and two service-Engines (secure communication engine and safety transfer engine), in addition, this credible virtual platform configuration hardware security chip TPM.
VMM is responsible for realizing the not isolation between same area in virtual platform as privileged components; Management domain provides administration interface for the user, is responsible for the establishment and management in other territories.Credible service-domain is as the specific function territory, only needs micro-kernel of operation, is mainly used in the function that provides relevant to credible calculating, and can with management domain between carry out necessity and communicate by letter.Use and the running environment of serving as the user in the domestic consumer territory, need to by mutual with management domain, to obtain the trusted function request processing response based on TSD, build the credible of self-operating environment.
Secure communication service is embodied as the kernel device drives, is responsible for ensureing data communication between the territory; The safety transfer service is embodied as the finger daemon in the management domain kernel, be responsible for to receive the migration instruction and completes virtual machine (vm) migration between platform inside and platform.
Compared with prior art, beneficial effect of the present invention:
In existing credible virtual platform, trusted function constantly enriches with renewal and causes the management domain code more complicated and huge, make its may increase under fire, and trusted function also affects whole platform to depending on unduly of management domain and disposes efficient with migration in the complicated calculations environment.In the present invention, trusted function is separated from management domain, it is configured to independently lightweight functional domain (getting final product telecommunications services territory TSD), can guarantee the use of trusted function, but improve the fail safe of telecommunications services, can provide operation and deployment mechanisms flexibly for platform again.In addition, the loose coupling relation of the credible service-domain of lightweight and management domain has improved platform migration efficient, compares with traditional credible virtual platform, platform migration based on credible virtual field is more quick, flexible, can satisfy the application demand of novel computing environment (as cloud computing).
Description of drawings
Fig. 1 is based on the credible virtual platform basic structure schematic diagram of credible service-domain;
Fig. 2 is based on the expansion trust chain schematic diagram of credible service-domain;
Fig. 3 is based on the virtual platform migration flow chart of credible service-domain.
Embodiment
Method of the present invention is mainly to be realized by following virtual platform functional part: credible service-domain, managing process, communication engines, migration engine etc.Referring to Fig. 1, the common share communication mechanism that the virtual platform user virtual machine utilizes monitor of virtual machine VMM to provide, carry out transfer of data with management domain dom0, credible service-domain is as lightweight functional domain independently, utilize management domain to realize data retransmission, ensure inherently safe simultaneously, but providing the telecommunications services such as trust chain constructing, data encapsulation storage and remote proving for a plurality of user virtual machine.
1, credible service-domain
Credible service-domain is functional domain independently on virtual platform, is moving the micro-kernel system (MiniOS) after reducing, and wherein comprises credible service processing process and communication engines.Credible service processing process is used for providing user virtual machine required trust service, comprises that various trusted commands are processed and key structure generates and safeguards.The below is described in detail its credible service processing process.
Credible service-domain is used to the credible virtual platform that trusted function is provided, and therefore must guarantee the credible of its self-operating.The present invention ensures the fail safe of credible service-domain by the method for expansion trust chain.As shown in Figure 2.Utilize the hardware security chip to build from the bottom root of trust to monitor of virtual machine again the basic trust chain of management domain (dom0), in order to utilize credible service-domain to build the trust chain of user virtual machine, need to carry out trust extension on the basic trust chain, can adopt the method for a, two kinds of expansion trust chains of b: a is after management domain starts, credible service-domain is loaded as a functional domain, but must guarantee that it starts prior to each user domain; B adopts dynamic trust root mechanism, and the characteristic of utilizing processor is that credible service-domain creates credible running environment.Above-mentioned two kinds of methods all can extend to credible service-domain from the hardware root of trust with trusting, and build at last the trusted environment of user virtual machine.
The TPM Emulator that credible service processing process is a function optimization as the system service of the micro-kernel MiniOS of system, is a kernel process of realizing with C, is responsible for processing concrete trusted function demand:
(1) message communicating is processed.Be mainly to receive the connection request that forwards from management domain, determine that user virtual machine identifies and establishes a communications link;
(2) key creates and safeguards.For user virtual machine VM sets up needed key structure (containing corresponding EK, AIK, SRK etc.), and generate as required new key such as signature key, encryption key etc.;
(3) command function is processed.Except above-mentioned key management related command, this function is mainly to relating to the processing of platform built-in function order, such as encrypt/decrypt, encapsulation/deblocking etc.For platform peripheral operation order, such as remote proving, key migration etc., consider the binding relationship of they and bottom TPM, TPM Emulator interface in TSD is cut out, this partial function is directly processed by the finger daemon in management domain.
2, managing process
Managing process is arranged in management domain dom0, and main being responsible for provides interactive interface to the upper-layer user, manages simultaneously data communication engine and the migration engine of bottom, and processes external trusted function operation.Its main flow process is:
2-1, managing process receive the instruction from the upper-layer user, by mutual with user console (User Interface), resolve instruction and processing engine corresponding according to instruction calls, comprise the management etc. of establishment and management, domain migration, communication engines and the migration engine of TSD and user domain;
2-2, the external trusted function operation of managing process processing platform, comprise proof that TSD migration, user's virtual Domain are external etc., communication engines is forwarded to managing process with such message, and managing process obtains desired data and returns to communication engines by mutual with TSD and TPM.
3, communication engines
Communication engines is responsible for secure communication between the credible virtual platform domain, mainly comprises the communication drivers in credible service-domain, management domain and user domain.These drivers loaded with the kernel module form before system's operation, and carried out by the order of determining.The flow process of secure communication is as follows:
3-1, credible service-domain load operating after management domain starts, its communication engines (communication equipment front end) is at first initiated initial connection request REQ to management domain
TSD=(ID
TSD|| pagesize||pagenum); ID
TSDIt is the sign in TSD territory.
After 3-2, management domain communication engines (communication rear end) are received the connection request of credible service-domain, according to information such as its page size that provides, quantity, for it provides corresponding shared drive page, set up and being connected and returning to connection status state=ready of credible service-domain;
After 3-3, credible service-domain TSD receive response, on connecting, this waits for credible instruction request;
3-4, user domain load operating after credible service-domain operation, its communication engines is initiatively initiated connection request REQ to management domain
VM=(ID
VM|| pagesize||pagenum); ID
VMIt is the user domain sign.
3-5, management domain are according to ID
VMBut, judge whether can use the telecommunications services of TSD by this user domain (this territory must load, and builds its trust chain based on TSD after TSD; Only has ID
VMGreater than ID
TSDUser domain just can use TSD because territory ID size performance is the order that corresponding field creates, value is less to be created more early.), be verified being connected of rear foundation and this user domain, and return to connection status state=ready to it;
After 3-6, user domain are received connection establishment response from management domain, wait for that the upper strata safety applications initiates the trusted function request;
3-7, user domain safety applications are called the trusted function interface, and the trusted function request is passed to communication engines, and communication engines encapsulates data and is canonical form cmdpkg
VM=(cmdtype||cmdcontent), and send to management domain;
3-8, the cmdpkg of management domain communication engines to receiving
VMMiddle command type cmdtype judges:
1) if local platform operations is transmitted to credible service-domain TSD, after service processes processing request that TSD is credible, result is returned to the management domain communication engines;
2) if externally operation is forwarded to order managing process and processes, managing process returns to communication engines with result;
3-9, management domain communication engines are transmitted to the result of receiving and are designated ID
VMUser domain;
3-10, user domain communication engines are submitted to the upper strata safety applications with result.
Above-mentioned communication process is mainly completed by communication engines and corresponding functional unit cooperation, user domain can not perceive the existence of credible service-domain in whole communication process, its request of data all forwards by management domain, the fail safe of the credible service-domain that further ensures.
4, migration engine
Migration engine is responsible for realizing the credible virtual platform fast transferring based on credible service-domain.As shown in Figure 3.Consider the migration situation of credible virtual platform single virtual machine and whole platform, transition process is divided into the migration of a single virtual machine and two kinds of situations of the whole platform migration of b.Its main method is:
4-1, source platform migration engine are sent migration request REQ to the target platform migration engine after receiving keeper's migration order
M: aenc (sign (type||r
S, SK
S), PK
D);
4-2, target platform are received migration request, and the signature of checking source platform distributes corresponding resource according to the migration type:
(1) single VM migration, it distributes corresponding resource (internal memory, file system etc.) for this VM, and at target platform TSD
DThe middle TSD example instance:TSDI that creates sky
D
(2) all use the VM migration of TSD, are a plurality of VM to be migrated and TSD distribution respective resources, and guarantee not exist in target platform other TSD; If other TSD are arranged, for moving complete TSD, need original platform TSD deletion.
4-3, target platform migration engine are based on its TPM
DGenerate a random number r
D, and confirm that to source platform migration connects foundation: aenc (sign (r
D|| r
S, SK
D), PK
S);
After 4-4, source platform were received and responded and verify target platform signature, migration engine generated a symmetric key K who is used for migration
M, this key is by TPM
STransportable key K
TPMSend to target platform after encapsulation, then generate migration data:
(1) during single migration, migration engine generates TSD example instance:TSDI corresponding to mirror image VMI, this VM of VM to be migrated
SAnd after status data, use K
MAbove-mentioned data and both sides' random number are encrypted, then generate summary MAC value based on the SHA-1 algorithm, be sent to target platform: (senc (VMI||TSDI
S|| r
S| r
D, K
M) || MAC);
When (2) all used the VM migration of TSD, migration engine was used K
MTo the mirror image VMI of whole VM to be migrated, whole TSD and both sides' random number encryption, then be sent to target platform (senc (VMI||TSD||r together with its digest value
S| r
D, K
M) || MAC);
(3) be used for encrypting the symmetric key K of migration data
MTransportable key K by TPM
TPMAfter encapsulation, encrypted transmission is to target platform: aenc ((senc (K
M, K
TPM)), PK
D).
4-5, target platform checking eap-message digest utilize existing TPM key migration agreement to import K
TPM, and obtain K
M, the deciphering migration data is also verified random number, is verified rear notification target platform deletion VM and corresponding TSD
S(or example TSDI
S);
Notification target platform after 4-6, source platform deletion source data, target platform recovers TSD (or example) and VM, completes transition process.
Although for explanation purpose of the present invention discloses specific embodiments and the drawings, its purpose is help to understand content of the present invention and implement according to this, but it will be appreciated by those skilled in the art that: without departing from the spirit and scope of the invention and the appended claims, various replacements, variation and modification are all possible.Therefore, the present invention should not be limited to embodiment and the disclosed content of accompanying drawing, and the scope of protection of present invention is as the criterion with the scope that claims define.
Claims (15)
1. a credible virtual platform, comprise hardware security chip, monitor of virtual machine VMM, management domain, user domain, characterized by further comprising a credible service-domain TSD; Described credible service-domain TSD utilizes the expansion trust chain to set up credible running environment for user domain, described expansion trust chain be management domain with monitor of virtual machine VMM based on the trust chain of hardware security chip foundation from the virtual platform bottom hardware to credible service-domain TSD.
2. credible virtual platform as claimed in claim 1 is characterized in that described credible service-domain TSD is a lightweight micro-kernel territory, wherein compilation run credible platform module on virtual platform; Described credible service-domain TSD sets up independently key structure tree for each user domain on this virtual platform.
3. method as claimed in claim 2, is characterized in that it is the certificate of described user domain application platform identity key A IK ' that described credible service-domain TSD utilizes privacy certification authority (CA) PCA, trusts proof for user domain provides.
4. a credible virtual platform construction method, the steps include:
1) build a credible service-domain TSD, and based on the expansion trust chain of hardware security chip foundation from the virtual platform bottom hardware to TSD, then credible service-domain TSD is that user domain is set up credible running environment according to described expansion trust chain;
2) but user domain upper strata safety applications is called this locality telecommunications services, send the trusted function command packet to management domain;
3) management domain is resolved this trusted function command packet, if the operation of local platform inside forwards it to credible service-domain TSD; If to outside platform operations, by mutual with credible service-domain TSD and bottom hardware safety chip, directly process this trusted function command packet by management domain;
4) credible service-domain TSD issues management domain with the result of this trusted function command packet; Management domain identifies according to user domain, and result is returned to user domain.
5. the method for claim 1 is characterized in that the method that builds described credible service-domain TSD is: create and move a lightweight micro-kernel territory on virtual platform, wherein the compilation run credible platform module, build credible service-domain TSD; Described credible service-domain TSD sets up independently key structure tree for each user domain on this virtual platform.
6. method as claimed in claim 2, is characterized in that it is the certificate of described user domain application platform identity key A IK ' that described credible service-domain TSD utilizes privacy certification authority (CA) PCA, utilizes AIK ' to trust proof for user domain externally provides.
7. as claim 4 or 5 or 6 described methods, the method for building up that it is characterized in that described expansion trust chain is: at first utilize the hardware security chip to build from the bottom root of trust to monitor of virtual machine the basic trust chain of management domain again, then after management domain starts, before user domain starts, credible service-domain TSD is loaded as a functional domain; Perhaps adopt dynamic trust root mechanism that described basic trust chain is expanded, obtain described expansion trust chain.
8. as claim 4 or 5 or 6 described methods, it is characterized in that setting up a secure communication mechanism between management domain and credible service-domain TSD communicates, its method is:
1) credible service-domain TSD initiates the connection request bag to management domain, and it comprises size and the quantity of credible service-domain TSD domain identifier ID, required shared page;
2) management domain is according to be responsible for assigning respective resources and return to the condition responsive of successful connection, the communication connection of setting up credible service-domain TSD and management domain of this connection request.
9. as claim 4 or 5 or 6 described methods, it is characterized in that setting up between management domain and user domain a secure communication mechanism and communicate, its method is:
1) user domain is registered to management domain, and log-on message comprises active user's domain identifier, required shared page size and number of pages;
2) at first management domain is determined ownly to connect with credible service-domain TSD, then judges user domain ID whether less than the territory ID of credible service-domain TSD, if it is set up and being connected of user domain, otherwise connection is set up failure and notified user domain.
10. data migration method between the platform of a credible virtual platform, the steps include:
1) source platform is initiated migration request to target platform; Wherein, described source platform, target platform include a credible service-domain TSD; Described credible service-domain TSD utilizes the expansion trust chain to set up credible running environment for user domain, described expansion trust chain be management domain with monitor of virtual machine VMM based on the trust chain of hardware security chip foundation from the virtual platform bottom hardware to credible service-domain TSD;
2) target platform distributes corresponding resource according to this migration request; Wherein: if a) migration request is single virtual machine migration, the virtual machine instance that target platform has created, and create a new virtual root of trust example in its credible service-domain TSD; B) if migration request is used the credible service-domain TSD of source platform for all
SVirtual machine (vm) migration, target platform creates the empty virtual machine instance consistent with source platform quantity, and with the original TSD of target platform
DDeletion;
3) target platform notification source platform confirms that migration connects foundation;
4) source platform is collected data to be migrated, sends it to target platform;
5) after target platform is received this migration data, return to confirmation to source platform.
11. method as claimed in claim 10 is characterized in that the method that builds described credible service-domain TSD is: create and move a lightweight micro-kernel territory on virtual platform, wherein the compilation run credible platform module, build credible service-domain TSD; Described credible service-domain TSD sets up independently key structure tree for each user domain on this virtual platform.
12. method as claimed in claim 11 is characterized in that it is the certificate of described user domain application platform identity key A IK ' that described credible service-domain TSD utilizes privacy certification authority (CA) PCA, proves for user domain provides external trust.
13. as claim 10 or 11 or 12 described methods, it is characterized in that described migration request comprises the random number r that migration type, source platform migration engine generate
SSigning messages; Described source platform adopts the described migration request of public key encryption of target platform.
14. method as claimed in claim 13, after it is characterized in that described target platform is received this migration request, certifying signature also obtains random number r
S, then described target platform generates the random number r of oneself
DAnd with random number r
SReturn to together described source platform, confirm that migration connects foundation.
15. method as claimed in claim 14 is characterized in that described source platform is with random number r
S, random number r
DAfter the generating messages summary, utilize K together with described data to be migrated
MEncryption sends to target platform; Target platform utilizes the key migration mechanism of hardware security chip TPM with the transportable key K of source platform
TPMImport, the migration data that deciphering is received, after good authentication eap-message digest and random number, the source VM that the deletion of notification source platform is had moved and corresponding TSD
SOr example; Wherein, the symmetric key K that is used for enciphered data
MGenerated by the source platform migration engine, and the transportable key K of using hardware security chip TPM to provide
TPMProtection.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310072657.4A CN103139221B (en) | 2013-03-07 | 2013-03-07 | Data migration method between a kind of dependable virtual platform and construction method, platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310072657.4A CN103139221B (en) | 2013-03-07 | 2013-03-07 | Data migration method between a kind of dependable virtual platform and construction method, platform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103139221A true CN103139221A (en) | 2013-06-05 |
| CN103139221B CN103139221B (en) | 2016-07-06 |
Family
ID=48498526
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310072657.4A Expired - Fee Related CN103139221B (en) | 2013-03-07 | 2013-03-07 | Data migration method between a kind of dependable virtual platform and construction method, platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103139221B (en) |
Cited By (31)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103279703A (en) * | 2013-06-07 | 2013-09-04 | 江西省电力公司信息通信分公司 | Method for building desktop cloud virtual trust safety wall |
| CN103812862A (en) * | 2014-01-23 | 2014-05-21 | 厦门密安信息技术有限责任公司 | Dependable security cloud computing composition method |
| CN103942678A (en) * | 2014-04-01 | 2014-07-23 | 武汉天喻信息产业股份有限公司 | Mobile payment system and method based on trusted execution environment |
| CN104539622A (en) * | 2014-12-31 | 2015-04-22 | 华为技术有限公司 | Depth proof method of virtual machine, computing device and computer system |
| WO2016011778A1 (en) * | 2014-07-25 | 2016-01-28 | 华为技术有限公司 | Data processing method and apparatus |
| CN105471843A (en) * | 2015-11-13 | 2016-04-06 | 上海斐讯数据通信技术有限公司 | Data processing method and system based cloud calculation |
| CN105740050A (en) * | 2016-01-28 | 2016-07-06 | 华中科技大学 | Trust transferring method in virtualization environment |
| CN106462439A (en) * | 2014-05-05 | 2017-02-22 | 微软技术许可有限责任公司 | Secure transport of encrypted virtual machines with continuous owner access |
| CN106529342A (en) * | 2016-11-02 | 2017-03-22 | 深圳前海生生科技有限公司 | Virtual machine monitor dynamic integrity detection method based on security chip |
| CN106529284A (en) * | 2016-11-02 | 2017-03-22 | 深圳前海生生科技有限公司 | Security chip-based security reinforcement method for virtual machine monitor |
| CN106610863A (en) * | 2015-10-21 | 2017-05-03 | 华为技术有限公司 | Virtual machine trusted migration method and apparatus |
| CN107018193A (en) * | 2017-04-01 | 2017-08-04 | 济南浪潮高新科技投资发展有限公司 | A kind of VTPM migratory systems and method based on shared storage |
| CN107465689A (en) * | 2017-09-08 | 2017-12-12 | 大唐高鸿信安(浙江)信息科技有限公司 | The key management system and method for virtual credible platform module under cloud environment |
| CN107463638A (en) * | 2017-07-18 | 2017-12-12 | 北京北信源软件股份有限公司 | File sharing method and equipment between offline virtual machine |
| CN107623683A (en) * | 2017-09-07 | 2018-01-23 | 西安电子科技大学 | A kind of cloud resource by dynamic safety prevents method disclosed in information |
| CN108418786A (en) * | 2017-12-28 | 2018-08-17 | 广州华夏职业学院 | A kind of cloud computing data security supporting platform |
| CN108733453A (en) * | 2018-05-11 | 2018-11-02 | 国网信息通信产业集团有限公司 | The operating method and system of credible cloud platform virtual credible root example |
| CN109144662A (en) * | 2018-07-12 | 2019-01-04 | 郑州云海信息技术有限公司 | A kind of Qemu virtual unit disk file guard method and system |
| CN109165079A (en) * | 2018-08-07 | 2019-01-08 | 郑州云海信息技术有限公司 | Cloud data center credible platform, trust chain constructing method, moving method based on virtualization |
| CN109543452A (en) * | 2018-11-29 | 2019-03-29 | 北京元心科技有限公司 | Data transmission method, device, electronic equipment and computer readable storage medium |
| CN109842636A (en) * | 2017-11-24 | 2019-06-04 | 阿里巴巴集团控股有限公司 | Cloud service moving method, device and electronic equipment |
| CN110417538A (en) * | 2019-07-30 | 2019-11-05 | 广州小鹏汽车科技有限公司 | Vehicle and its method and system of internal security communication |
| WO2020000285A1 (en) * | 2018-06-28 | 2020-01-02 | Intel Corporation | Secure virtual machine migration using encrypted memory technologies |
| CN111897621A (en) * | 2019-05-06 | 2020-11-06 | 阿里巴巴集团控股有限公司 | Virtual machine migration method, device, equipment, system and storage medium |
| CN106445641B (en) * | 2016-11-02 | 2020-11-06 | 深圳前海生生科技有限公司 | Data migration method between secure virtual platforms on discrete computing nodes |
| CN113703918A (en) * | 2021-08-26 | 2021-11-26 | 中国人民解放军战略支援部队信息工程大学 | Virtual trusted platform based on hardware assistance and security processing method |
| CN113824683A (en) * | 2021-08-13 | 2021-12-21 | 中国光大银行股份有限公司 | Trusted domain establishing method and device and data system |
| CN113965340A (en) * | 2021-08-30 | 2022-01-21 | 广东南方通信建设有限公司 | Cross-platform data migration method, system and readable medium |
| WO2022073429A1 (en) * | 2020-10-10 | 2022-04-14 | 华为技术有限公司 | Data management method, apparatus and system, and storage medium |
| CN114978589A (en) * | 2022-04-13 | 2022-08-30 | 中国科学院信息工程研究所 | Lightweight cloud operating system and construction method thereof |
| CN116501448A (en) * | 2023-06-21 | 2023-07-28 | 内江师范学院 | Container packaging method and device applied to multiple virtual machines |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101038556A (en) * | 2007-04-30 | 2007-09-19 | 中国科学院软件研究所 | Trusted bootstrap method and system thereof |
| CN101122936A (en) * | 2007-09-21 | 2008-02-13 | 武汉大学 | Embed type platform guiding of credible mechanism |
| CN101344903A (en) * | 2008-09-02 | 2009-01-14 | 中国科学院软件研究所 | Multi-case dynamic remote certification method based on TPM |
| CN101599025A (en) * | 2009-07-07 | 2009-12-09 | 武汉大学 | Safety virtualization method of trusted crypto module |
| CN101901319A (en) * | 2010-07-23 | 2010-12-01 | 北京工业大学 | Trusted computing platform and method for verifying trusted chain transfer |
| CN102035837A (en) * | 2010-12-07 | 2011-04-27 | 中国科学院软件研究所 | Method and system for hierarchically connecting trusted networks |
| CN102136043A (en) * | 2010-01-22 | 2011-07-27 | 中国长城计算机深圳股份有限公司 | Computer system and measuring method thereof |
| US20110237234A1 (en) * | 2010-03-23 | 2011-09-29 | Fujitsu Limited | System and methods for remote maintenance in an electronic network with multiple clients |
| CN102436566A (en) * | 2012-01-12 | 2012-05-02 | 冶金自动化研究设计院 | Dynamic trusted measurement method and safe embedded system |
-
2013
- 2013-03-07 CN CN201310072657.4A patent/CN103139221B/en not_active Expired - Fee Related
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101038556A (en) * | 2007-04-30 | 2007-09-19 | 中国科学院软件研究所 | Trusted bootstrap method and system thereof |
| CN101122936A (en) * | 2007-09-21 | 2008-02-13 | 武汉大学 | Embed type platform guiding of credible mechanism |
| CN101344903A (en) * | 2008-09-02 | 2009-01-14 | 中国科学院软件研究所 | Multi-case dynamic remote certification method based on TPM |
| CN101599025A (en) * | 2009-07-07 | 2009-12-09 | 武汉大学 | Safety virtualization method of trusted crypto module |
| CN102136043A (en) * | 2010-01-22 | 2011-07-27 | 中国长城计算机深圳股份有限公司 | Computer system and measuring method thereof |
| US20110237234A1 (en) * | 2010-03-23 | 2011-09-29 | Fujitsu Limited | System and methods for remote maintenance in an electronic network with multiple clients |
| CN101901319A (en) * | 2010-07-23 | 2010-12-01 | 北京工业大学 | Trusted computing platform and method for verifying trusted chain transfer |
| CN102035837A (en) * | 2010-12-07 | 2011-04-27 | 中国科学院软件研究所 | Method and system for hierarchically connecting trusted networks |
| CN102436566A (en) * | 2012-01-12 | 2012-05-02 | 冶金自动化研究设计院 | Dynamic trusted measurement method and safe embedded system |
Non-Patent Citations (1)
| Title |
|---|
| 常德显等: "《TSD: A Flexible Root of Trust for the Cloud》", 《 2012 IEEE 11TH INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS》 * |
Cited By (45)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103279703A (en) * | 2013-06-07 | 2013-09-04 | 江西省电力公司信息通信分公司 | Method for building desktop cloud virtual trust safety wall |
| CN103812862A (en) * | 2014-01-23 | 2014-05-21 | 厦门密安信息技术有限责任公司 | Dependable security cloud computing composition method |
| CN103942678A (en) * | 2014-04-01 | 2014-07-23 | 武汉天喻信息产业股份有限公司 | Mobile payment system and method based on trusted execution environment |
| US10956321B2 (en) | 2014-05-05 | 2021-03-23 | Microsoft Technology Licensing, Llc | Secure management of operations on protected virtual machines |
| CN106462439A (en) * | 2014-05-05 | 2017-02-22 | 微软技术许可有限责任公司 | Secure transport of encrypted virtual machines with continuous owner access |
| CN106462439B (en) * | 2014-05-05 | 2020-02-07 | 微软技术许可有限责任公司 | Secure transfer to encrypted virtual machines with persistent owner access |
| US10243933B2 (en) | 2014-07-25 | 2019-03-26 | Huawei Technologies Co., Ltd. | Data processing method and apparatus |
| WO2016011778A1 (en) * | 2014-07-25 | 2016-01-28 | 华为技术有限公司 | Data processing method and apparatus |
| US9762555B2 (en) | 2014-07-25 | 2017-09-12 | Huawei Technologies Co., Ltd. | Data processing method and apparatus |
| CN104539622A (en) * | 2014-12-31 | 2015-04-22 | 华为技术有限公司 | Depth proof method of virtual machine, computing device and computer system |
| CN104539622B (en) * | 2014-12-31 | 2018-01-23 | 华为技术有限公司 | Depth method of proof, computing device and the computer system of virtual machine |
| CN106610863A (en) * | 2015-10-21 | 2017-05-03 | 华为技术有限公司 | Virtual machine trusted migration method and apparatus |
| CN106610863B (en) * | 2015-10-21 | 2020-01-10 | 华为技术有限公司 | Virtual machine trusted migration method and device |
| CN105471843A (en) * | 2015-11-13 | 2016-04-06 | 上海斐讯数据通信技术有限公司 | Data processing method and system based cloud calculation |
| CN105471843B (en) * | 2015-11-13 | 2018-07-06 | 上海斐讯数据通信技术有限公司 | Data processing method and system based on cloud computing |
| CN105740050B (en) * | 2016-01-28 | 2019-03-05 | 华中科技大学 | A kind of Trust transitivity method under virtualized environment |
| CN105740050A (en) * | 2016-01-28 | 2016-07-06 | 华中科技大学 | Trust transferring method in virtualization environment |
| CN106529342A (en) * | 2016-11-02 | 2017-03-22 | 深圳前海生生科技有限公司 | Virtual machine monitor dynamic integrity detection method based on security chip |
| CN106529284A (en) * | 2016-11-02 | 2017-03-22 | 深圳前海生生科技有限公司 | Security chip-based security reinforcement method for virtual machine monitor |
| CN106445641B (en) * | 2016-11-02 | 2020-11-06 | 深圳前海生生科技有限公司 | Data migration method between secure virtual platforms on discrete computing nodes |
| CN107018193A (en) * | 2017-04-01 | 2017-08-04 | 济南浪潮高新科技投资发展有限公司 | A kind of VTPM migratory systems and method based on shared storage |
| CN107463638A (en) * | 2017-07-18 | 2017-12-12 | 北京北信源软件股份有限公司 | File sharing method and equipment between offline virtual machine |
| CN107623683A (en) * | 2017-09-07 | 2018-01-23 | 西安电子科技大学 | A kind of cloud resource by dynamic safety prevents method disclosed in information |
| CN107623683B (en) * | 2017-09-07 | 2020-12-18 | 西安电子科技大学 | Method for preventing information disclosure through dynamic and safe cloud resources |
| CN107465689A (en) * | 2017-09-08 | 2017-12-12 | 大唐高鸿信安(浙江)信息科技有限公司 | The key management system and method for virtual credible platform module under cloud environment |
| CN109842636A (en) * | 2017-11-24 | 2019-06-04 | 阿里巴巴集团控股有限公司 | Cloud service moving method, device and electronic equipment |
| US11861203B2 (en) | 2017-11-24 | 2024-01-02 | Alibaba Group Holding Limited | Method, apparatus and electronic device for cloud service migration |
| CN108418786A (en) * | 2017-12-28 | 2018-08-17 | 广州华夏职业学院 | A kind of cloud computing data security supporting platform |
| CN108733453A (en) * | 2018-05-11 | 2018-11-02 | 国网信息通信产业集团有限公司 | The operating method and system of credible cloud platform virtual credible root example |
| WO2020000285A1 (en) * | 2018-06-28 | 2020-01-02 | Intel Corporation | Secure virtual machine migration using encrypted memory technologies |
| CN109144662A (en) * | 2018-07-12 | 2019-01-04 | 郑州云海信息技术有限公司 | A kind of Qemu virtual unit disk file guard method and system |
| CN109165079A (en) * | 2018-08-07 | 2019-01-08 | 郑州云海信息技术有限公司 | Cloud data center credible platform, trust chain constructing method, moving method based on virtualization |
| CN109165079B (en) * | 2018-08-07 | 2021-07-27 | 郑州云海信息技术有限公司 | Cloud data center trusted platform based on virtualization and method for building trust chain |
| CN109543452A (en) * | 2018-11-29 | 2019-03-29 | 北京元心科技有限公司 | Data transmission method, device, electronic equipment and computer readable storage medium |
| CN111897621A (en) * | 2019-05-06 | 2020-11-06 | 阿里巴巴集团控股有限公司 | Virtual machine migration method, device, equipment, system and storage medium |
| CN110417538B (en) * | 2019-07-30 | 2022-10-14 | 广州小鹏汽车科技有限公司 | Vehicle and method and system for internal safety communication of vehicle |
| CN110417538A (en) * | 2019-07-30 | 2019-11-05 | 广州小鹏汽车科技有限公司 | Vehicle and its method and system of internal security communication |
| WO2022073429A1 (en) * | 2020-10-10 | 2022-04-14 | 华为技术有限公司 | Data management method, apparatus and system, and storage medium |
| CN113824683A (en) * | 2021-08-13 | 2021-12-21 | 中国光大银行股份有限公司 | Trusted domain establishing method and device and data system |
| CN113703918A (en) * | 2021-08-26 | 2021-11-26 | 中国人民解放军战略支援部队信息工程大学 | Virtual trusted platform based on hardware assistance and security processing method |
| CN113965340A (en) * | 2021-08-30 | 2022-01-21 | 广东南方通信建设有限公司 | Cross-platform data migration method, system and readable medium |
| CN114978589A (en) * | 2022-04-13 | 2022-08-30 | 中国科学院信息工程研究所 | Lightweight cloud operating system and construction method thereof |
| CN114978589B (en) * | 2022-04-13 | 2023-08-08 | 中国科学院信息工程研究所 | Lightweight cloud operating system and construction method thereof |
| CN116501448A (en) * | 2023-06-21 | 2023-07-28 | 内江师范学院 | Container packaging method and device applied to multiple virtual machines |
| CN116501448B (en) * | 2023-06-21 | 2023-09-01 | 内江师范学院 | Container packaging method and device applied to multiple virtual machines |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103139221B (en) | 2016-07-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103139221B (en) | Data migration method between a kind of dependable virtual platform and construction method, platform | |
| EP2880589B1 (en) | Trusted execution environment virtual machine cloning | |
| CN101866408B (en) | Transparent trust chain constructing system based on virtual machine architecture | |
| CN109165079B (en) | Cloud data center trusted platform based on virtualization and method for building trust chain | |
| US9948616B2 (en) | Apparatus and method for providing security service based on virtualization | |
| US20160119141A1 (en) | Secure communication authentication method and system in distributed environment | |
| CN102033781B (en) | Desktop system switching method for virtual machine | |
| Khan et al. | Design and deployment of a trusted eucalyptus cloud | |
| CN103795717A (en) | Method and system for proving integrity of cloud computing platform | |
| CN104272699A (en) | Certificate based connection to cloud virtual machine | |
| CN102244684B (en) | EFI (Extensible Firmware Interface) trusted Cloud chain guiding method based on USBKey | |
| WO2016107394A1 (en) | Depth proof method of virtual machine, computing device and computer system | |
| CN105700945A (en) | Clean room environment-based safe virtual machine migration method | |
| CN105956465A (en) | VTPM-based method for constructing virtual trusted platform | |
| CN114036573A (en) | Computing device supporting private computing | |
| CN114116026B (en) | Cloud platform trust chain layered model construction method | |
| CN109614204A (en) | Memory insulation blocking method, isolation check hardware, SOC chip and storage medium | |
| CN103347027A (en) | Trusted network connecting method and system | |
| CN107704308A (en) | Virtual platform vTPM management systems, trust chain constructing method and device, storage medium | |
| CN111143030B (en) | Migration method of cloud environment trusted virtual machine | |
| Chang et al. | TSD: a flexible root of trust for the cloud | |
| CN104102524A (en) | Method for realizing virtual secure element (VSE) | |
| CN104038469B (en) | Equipment for safety information interaction | |
| CN115344871A (en) | Confidential computing environment construction method and system based on ARM architecture | |
| US10261921B2 (en) | Universal secure platform virtualization system and method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20160706 Termination date: 20190307 |