CN111475813A - Trusted virtualization platform management system and method - Google Patents


Info

Publication number: CN111475813A
Authority: CN (China)
Application number: CN202010154802.3A
Other languages: Chinese (zh)
Inventor: 苗琼
Current assignee: Suzhou Inspur Intelligent Technology Co Ltd
Original assignee: Suzhou Inspur Intelligent Technology Co Ltd
Legal status: Withdrawn
Prior art keywords: management, trusted, server, virtual machine, reference value


Classifications

    • G06F21/575 Secure boot
    • G06F21/54 Monitoring users, programs or devices to maintain the integrity of platforms during program execution, by adding security routines or objects to programs
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • H04L63/06 Network security protocols supporting key management in a packet data network
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic where the attack involves the propagation of malware through the network, e.g. viruses, trojans or worms
    • H04L67/01 Protocols (network arrangements or protocols for supporting network services or applications)
    • H04L67/2866 Architectures; Arrangements
    • H04L67/30 Profiles
    • H04L9/0825 Key transport or distribution using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0877 Generation of secret information using an additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • G06F2221/033 Test or assess software


Abstract

The invention provides a trusted virtualization platform management system and method. By designing the logic of a Web management end module, a remote attestation module and a data transmission interface module, together with their corresponding sub-modules, and by using static measurement, the system can identify and report a measurement file that has been tampered with. In this way the integrity of the code of the server's hardware environment, virtualization environment, operating system and application programs is measured during the boot process, the integrity of the application programs is monitored at run time, APT attacks on the server's software and hardware platform and attacks by malicious software are resisted, and the integrity of the virtual machine and the security of its running environment are ensured.

Description

Trusted virtualization platform management system and method
Technical Field
The invention relates to the technical field of trusted computing, in particular to a trusted virtualization platform management system and a trusted virtualization platform management method.
Background
With the continuous development of computer technology, server virtualization was developed to improve the utilization of server resources, simplify system management and consolidate servers: the physical resources of a server are abstracted into logical resources, so that one server becomes several or even hundreds of mutually isolated virtual servers. Although a virtual machine is not a real hardware resource, a program running on it behaves just as if it were running on a real computer.
Security is an important consideration for a virtual machine platform, but the trusted-computing security of current virtual machine platforms is low, so a trusted virtualization platform management method is urgently needed to solve this problem.
Disclosure of Invention
The invention aims to provide a trusted virtualization platform management system and method that solve the problem of the low security of trusted virtual machines in the prior art and ensure the integrity of the virtual machine and the security of its running environment.
In order to achieve the above technical object, the present invention provides a trusted virtualization platform management system, including:
a trusted virtualization management end and a server end;
the trusted virtualization management end communicates with the server end through an SSL channel;
the trusted virtualization management end comprises a Web management end module, a remote attestation module and a data transmission interface module;
the Web management end module is used for managing the trusted data and trusted state of the physical machine operating system and the virtual machine operating system, managing the signature key public key of the server, and managing virtual machine images and virtual machine instances;
the remote attestation module is used for verifying the trusted state of the server platform, by verifying the measurement report and the measurement log, before the management end and the server exchange data;
the data transmission interface module is used for providing a data transmission interface.
Preferably, the Web management end module includes a trusted data management submodule, a key management submodule and a configuration management submodule.
Preferably, the trusted data management submodule includes a reference value management unit and a measurement management unit;
the reference value management unit is used for deleting and querying the reference values of the physical machine operating system and the virtual machine operating system;
the measurement management unit is used for viewing measurement values, managing measurement configuration files and managing the trusted state; viewing measurement values comprises viewing the measurement values, measurement logs and measurement report storage locations of the physical machine operating system and the virtual machine operating system; managing measurement configuration files comprises generating a measurement configuration file for a specified physical machine operating system or virtual machine operating system and issuing it to the server on which that system is located; managing the trusted state comprises viewing the trusted state of the physical machine operating system and the virtual machine operating system at their most recent boot.
Preferably, the configuration management submodule includes an image management unit and a virtual machine management unit;
the image management unit is used for viewing image information on a specific host;
the virtual machine management unit is used for starting, shutting down and restarting virtual machines through the Web management end, and for viewing the currently running virtual machine instances and their trusted state.
The invention also provides a trusted virtualization platform management method, which comprises the following operations:
the management end collects the reference value information of the server end and imports it into a reference value database, with which the trusted data and trusted state are managed;
the server end encrypts and signs its signature key using the public key provided by the management end, and the signature key is stored in a key database;
before the management end and the server end exchange data, the trusted state of the server platform is verified by checking the measurement report and the measurement log against the key in the key database and the PCR reference value and reference log in the reference value database.
Preferably, the operation in which the management end collects the reference value information of the server and imports it into the reference value database is as follows:
a reference value collection agent is run on the host or virtual machine whose reference value is to be exported, a reference value report in xml format is exported and copied to the management end, and the collected reference values are imported into the database using the reference value import program installed on the management end.
Preferably, the operation in which the server encrypts and signs its signature key using the public key provided by the management end and stores it in the key database is as follows:
the signature key public key generated by the TPM of the management end is provided to the server end in a secure way;
the server end generates a signature key using its own TPM, and encrypts and signs the public key of that signature key using the public key provided by the management end;
the encrypted and signed public key is uploaded to the management end over a secure transmission channel;
after the management end verifies that the signature is correct, the encrypted server public key is stored in the key database.
Preferably, the management end and the server end communicate through an SSL channel.
The invention also provides a trusted virtualization platform management device, which comprises:
a memory for storing a computer program;
and the processor is used for executing the computer program to realize the trusted virtualization platform management method.
The invention also provides a readable storage medium for storing a computer program, wherein the computer program realizes the trusted virtualization platform management method when being executed by a processor.
The effects given in this summary are only those of the embodiments, not all the effects of the invention; one of the above technical solutions has the following advantages or beneficial effects:
compared with the prior art, by designing the logic of three modules, namely the Web management end module, the remote attestation module and the data transmission interface module, and the logic of each corresponding sub-module, and by using static measurement, the invention can identify and report a measurement file that has been tampered with. It thereby measures the integrity of the code of the server's hardware environment, virtualization environment, operating system and application programs during the boot process and monitors the integrity of the application programs at run time, so as to resist APT attacks on the server's software and hardware platform and attacks by malicious software, and to ensure the integrity of the virtual machine and the security of its running environment.
Drawings
Fig. 1 is a schematic structural diagram of a trusted virtualization platform management system according to an embodiment of the present invention;
fig. 2 is a schematic diagram illustrating a reference value importing process provided in an embodiment of the present invention;
fig. 3 is a schematic diagram illustrating a process of storing a key at a server according to an embodiment of the present invention.
Detailed Description
In order to clearly explain the technical features of the present invention, the following detailed description of the present invention is provided with reference to the accompanying drawings. The following disclosure provides many different embodiments, or examples, for implementing different features of the invention. To simplify the disclosure of the present invention, the components and arrangements of specific examples are described below. Furthermore, the present invention may repeat reference numerals and/or letters in the various examples. This repetition is for the purpose of simplicity and clarity and does not in itself dictate a relationship between the various embodiments and/or configurations discussed. It should be noted that the components illustrated in the figures are not necessarily drawn to scale. Descriptions of well-known components and processing techniques and procedures are omitted so as to not unnecessarily limit the invention.
The following describes a trusted virtualization platform management system and method provided by the embodiments of the present invention in detail with reference to the accompanying drawings.
As shown in fig. 1, the present invention discloses a trusted virtualization platform management system, which includes:
a trusted virtualization management end and a server end;
the trusted virtualization management end communicates with the server end through an SSL channel;
the trusted virtualization management end comprises a Web management end module, a remote attestation module and a data transmission interface module;
the Web management end module is used for managing the trusted data and trusted state of the physical machine operating system and the virtual machine operating system, managing the signature key public key of the server, and managing virtual machine images and virtual machine instances;
the remote attestation module is used for verifying the trusted state of the server platform, by verifying the measurement report and the measurement log, before the management end and the server exchange data;
the data transmission interface module is used for providing a data transmission interface.
In the embodiment of the invention, a TPM (Trusted Platform Module) security chip is embedded in the mainboard and works together with the related software, so that the integrity of the code of the server's hardware environment, virtualization environment, operating system and application programs is measured during the boot process and the integrity of the application programs is monitored at run time. In this way APT attacks (advanced persistent threat attacks) on the server's software and hardware platform and attacks by malicious software are resisted, and the integrity of the virtual machine and the security of its running environment are ensured.
The trusted virtualization management end runs on an Inspur trusted server that supports a TPM chip. Through a security module in Xen (an open-source virtual machine monitor) it statically measures the VMM (Virtual Machine Monitor) and the virtual machine images; if a measurement file has been tampered with, this is identified and reported, and the administrator can manage the trusted state of a virtual machine and of the host machine on which it runs through the management end's Web page.
The Web management end module comprises a trusted data management submodule, a key management submodule and a configuration management submodule.
The trusted data management submodule is mainly used for managing the trusted data and trusted state of the physical machine operating system and the virtual machine operating system, and mainly comprises reference value management and measurement management.
Reference value management comprises deleting and querying the reference values of the physical machine operating system and the virtual machine operating system. Measurement management comprises measurement value viewing, measurement configuration file management and trusted state management. Measurement value viewing comprises viewing the measurement values, measurement logs and measurement report storage locations of the physical machine operating system and the virtual machine operating system; measurement configuration file management comprises generating measurement configuration files for the designated physical machine operating system and virtual machine operating system and sending them to the server; trusted state management comprises viewing the trusted state of the physical machine operating system and the virtual machine operating system at their most recent boot.
The key management submodule is mainly used for managing the signature key public key of the server end, and comprises key storage, key deletion and key viewing.
The configuration management submodule mainly manages virtual machine images and virtual machine instances, and comprises image management and virtual machine management. Image management comprises viewing image information on a particular host; virtual machine management comprises remote control for starting, shutting down and restarting virtual machines through the Web management end, and virtual machine instance management for viewing the currently running virtual machine instances and their trusted state.
The remote attestation module is used for verifying the trusted state of the server platform. Remote attestation refers to two nodes in a network, where one node reports information about its platform to the other in an agreed format and protocol, so that the other node can obtain that information and judge the trusted state of the platform. Its purpose is to let the two nodes judge the trusted state of each other's platform before interacting; if the trusted state of the platform meets the interaction requirements, data interaction between the nodes is allowed.
After receiving the integrity report and the measurement log, the trusted virtualization management end verifies the signature on the report; once that check passes, it verifies the integrity report and measurement log submitted by the client against the PCR (platform configuration register) reference value and reference log stored in the reference value database, and obtains the verification result.
The data transmission interface module provides a data transmission interface for the key management submodule and configuration management submodule of the Web management end module and for the remote attestation module. By invoking an SSL (Secure Sockets Layer, a secure transport protocol) secure channel it ensures the confidentiality of data transmission, parses the Web service requests sent by the server end, and sends data in xml format to the server end.
The trusted virtualization management end is the trusted third party for key management and also performs integrity verification of the server platform.
As shown in fig. 2, the trusted virtualization management end imports the reference value information collected from the server end into the reference value database; the specific flow is as follows:
the administrator runs the reference value collection agent on the host or virtual machine whose reference value is to be exported, exports a reference value report in xml format, copies the report to the management end, and uses the reference value import program installed on the management end to import the collected reference values into the database. Hosts with the same VMM version share one template and have the same reference value; when a host requests integrity verification for the first time, the verification program matches a template to the host according to its VMM version. Virtual machines created from the same image share one template; when a virtual machine requests verification for the first time, the verification program matches a template to the virtual machine according to the ID and name of the image file from which it was created.
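The reference value import and template matching just described, together with the verification step of the remote attestation module (replaying the measurement log and checking it against the PCR reference value and reference log), as an added example that is not part of the patent. The XML report layout, the SHA-256 PCR extend rule and the sample digests are assumptions; the signature check on the report is taken as already done before Verify is called.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/xml"
	"fmt"
	"strings"
)

// Assumed layout of the agent's XML reference report (the patent only says "xml
// format"): files are listed in measurement order; a host report carries
// vmm-version, a VM report carries image-id and image-name.
type ReferenceReport struct {
	VMMVersion string    `xml:"vmm-version,attr"`
	ImageID    string    `xml:"image-id,attr"`
	ImageName  string    `xml:"image-name,attr"`
	Files      []RefFile `xml:"file"`
}

type RefFile struct {
	Path   string `xml:"path,attr"`
	Digest string `xml:",chardata"`
}

// Template is one reference value database entry: the PCR reference value and
// the reference log (measured path -> expected SHA-256 digest, lowercase hex).
type Template struct {
	PCR string
	Log map[string]string
}

// ReferenceDB keys templates so that hosts with the same VMM version share one
// template and VMs created from the same image share one.
type ReferenceDB map[string]Template

func HostKey(vmmVersion string) string       { return "host:" + vmmVersion }
func VMKey(imageID, imageName string) string { return "vm:" + imageID + "/" + imageName }

// LogEntry is one line of the measurement log a server submits with its report.
type LogEntry struct{ Path, Digest string }

// ReplayPCR recomputes the PCR from a log the way a TPM extend does:
// PCR' = SHA-256(PCR || digest), starting from an all-zero register.
// A malformed digest simply yields a PCR that matches nothing.
func ReplayPCR(log []LogEntry) string {
	pcr := make([]byte, sha256.Size)
	for _, e := range log {
		d, _ := hex.DecodeString(e.Digest)
		h := sha256.Sum256(append(append([]byte{}, pcr...), d...))
		pcr = h[:]
	}
	return hex.EncodeToString(pcr)
}

// Import parses one agent report into a template (the reference PCR is derived
// by replaying the listed files in order) and files it under the matching key.
func (db ReferenceDB) Import(report []byte) error {
	var r ReferenceReport
	if err := xml.Unmarshal(report, &r); err != nil {
		return err
	}
	t := Template{Log: map[string]string{}}
	var log []LogEntry
	for _, f := range r.Files {
		d := strings.ToLower(strings.TrimSpace(f.Digest))
		t.Log[f.Path] = d
		log = append(log, LogEntry{f.Path, d})
	}
	t.PCR = ReplayPCR(log)
	key := HostKey(r.VMMVersion)
	if r.ImageID != "" {
		key = VMKey(r.ImageID, r.ImageName)
	} else if r.VMMVersion == "" {
		return fmt.Errorf("report names neither a VMM version nor an image")
	}
	db[key] = t
	return nil
}

// Verify is the management side's check once the report signature has passed:
// the log must reproduce the PCR the server reported, that PCR must equal the
// reference, and every entry must match the reference log. Entries that differ
// are returned so the tampered file can be identified and reported.
func Verify(t Template, reportedPCR string, log []LogEntry) (bool, []string) {
	var tampered []string
	for _, e := range log {
		if ref, known := t.Log[e.Path]; !known || ref != strings.ToLower(e.Digest) {
			tampered = append(tampered, e.Path)
		}
	}
	replayed := ReplayPCR(log)
	ok := replayed == strings.ToLower(reportedPCR) && replayed == t.PCR && len(tampered) == 0
	return ok, tampered
}

// Constructed sample: a host report for one Xen version with dummy digests.
var d1, d2, d3 = strings.Repeat("11", 32), strings.Repeat("22", 32), strings.Repeat("33", 32)
var sampleReport = []byte(fmt.Sprintf(`<reference-report vmm-version="xen-4.12">
  <file path="/boot/xen.gz">%s</file>
  <file path="/boot/vmlinuz">%s</file>
  <file path="/usr/sbin/xl">%s</file>
</reference-report>`, d1, d2, d3))
```

A log that reproduces the reported PCR but not the reference PCR means a measured file changed; a log that does not even reproduce the reported PCR means the log itself was edited after the TPM signed the quote.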
As shown in fig. 3, the trusted virtualization management end also stores the signature key public key uploaded by the server end in the key database in encrypted form; the key storage process is as follows:
1. the signature key public key generated by the TPM of the management end is provided to the server end in a secure way;
2. the server end generates a signature key using its own TPM, and encrypts and signs the public key of that signature key using the public key provided by the management end;
3. the encrypted and signed public key is uploaded to the management end over a secure transmission channel;
4. after the management end verifies that the signature is correct, the encrypted server public key is stored in the key database.
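The four-step key storage flow above, as an added example that is not part of the patent: an RSA key on the management side and an Ed25519 key on the server side stand in for the TPM-generated keys (assumption), the server signs the ciphertext of its uploaded public key so the management end can confirm the uploader holds the private half, and the key database keeps the blob in the encrypted form it arrived in.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// ManagementEnd models the management side: its key pair (a software RSA key
// stands in for the TPM-generated key; assumption) and the key database, which
// holds each server's signing public key in the encrypted form it was uploaded in.
type ManagementEnd struct {
	priv  *rsa.PrivateKey
	KeyDB map[string][]byte
}

func NewManagementEnd() (*ManagementEnd, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &ManagementEnd{priv: k, KeyDB: map[string][]byte{}}, nil
}

// PublicKey is step 1: the public key handed to the server over a secure path.
func (m *ManagementEnd) PublicKey() *rsa.PublicKey { return &m.priv.PublicKey }

// Enrollment is what the server uploads in step 3.
type Enrollment struct {
	ServerID  string
	Encrypted []byte // server signing public key, RSA-OAEP encrypted to the management end
	Signature []byte // Ed25519 signature over Encrypted, made with the server signing key
}

// ServerEnroll is steps 2 and 3 on the server side: generate the signing key
// (Ed25519 stands in for the TPM key; assumption), encrypt its public half to
// the management end, and sign the ciphertext so the management end can check
// that the uploader holds the matching private key. The server ID is bound in
// as the OAEP label, so a blob cannot be replayed under another server's name.
func ServerEnroll(serverID string, mgmtPub *rsa.PublicKey) (Enrollment, ed25519.PrivateKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Enrollment{}, nil, err
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, mgmtPub, pub, []byte(serverID))
	if err != nil {
		return Enrollment{}, nil, err
	}
	return Enrollment{ServerID: serverID, Encrypted: ct, Signature: ed25519.Sign(priv, ct)}, priv, nil
}

// Store is step 4: decrypt the uploaded key, verify the signature with it, and
// only then keep the (still encrypted) blob in the key database.
func (m *ManagementEnd) Store(e Enrollment) error {
	pub, err := rsa.DecryptOAEP(sha256.New(), nil, m.priv, e.Encrypted, []byte(e.ServerID))
	if err != nil {
		return err
	}
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(ed25519.PublicKey(pub), e.Encrypted, e.Signature) {
		return errors.New("signature over uploaded key does not verify: key rejected")
	}
	m.KeyDB[e.ServerID] = e.Encrypted
	return nil
}

// Lookup decrypts a stored key for the remote attestation module, which uses it
// to check the signature on a server's integrity report.
func (m *ManagementEnd) Lookup(serverID string) (ed25519.PublicKey, error) {
	ct, found := m.KeyDB[serverID]
	if !found {
		return nil, errors.New("no key enrolled for " + serverID)
	}
	pub, err := rsa.DecryptOAEP(sha256.New(), nil, m.priv, ct, []byte(serverID))
	if err != nil {
		return nil, err
	}
	return ed25519.PublicKey(pub), nil
}
```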
By designing the logic of three modules, namely the Web management end module, the remote attestation module and the data transmission interface module, and the logic of each corresponding sub-module, and by using static measurement, the embodiment of the invention can identify and report a measurement file that has been tampered with. It thereby measures the integrity of the code of the server's hardware environment, virtualization environment, operating system and application programs during the boot process and monitors the integrity of the application programs at run time, so as to resist APT attacks on the server's software and hardware platform and attacks by malicious software, and to ensure the integrity of the virtual machine and the security of its running environment.
The embodiment of the invention also discloses a trusted virtualization platform management method, which comprises the following operations:
the management end collects the reference value information of the server end and imports it into a reference value database, with which the trusted data and trusted state are managed;
the server end encrypts and signs its signature key using the public key provided by the management end, and the signature key is stored in a key database;
before the management end and the server end exchange data, the trusted state of the server platform is verified by checking the measurement report and the measurement log against the key in the key database and the PCR reference value and reference log in the reference value database.
The trusted virtualization management end runs on an Inspur trusted server that supports a TPM chip and statically measures the VMM and the virtual machine images through a security module in Xen; if a measurement file has been tampered with, this is identified and reported, and the administrator can manage the trusted state of a virtual machine and of the host machine on which it runs through the management end's Web page.
The trusted virtualization management end is the trusted third party for key management and also performs integrity verification of the server platform.
The trusted virtualization management end imports the reference value information collected from the server end into the reference value database; the specific flow is as follows:
the administrator runs the reference value collection agent on the host or virtual machine whose reference value is to be exported, exports a reference value report in xml format, copies the report to the management end, and uses the reference value import program installed on the management end to import the collected reference values into the database. Hosts with the same VMM version share one template and have the same reference value; when a host requests integrity verification for the first time, the verification program matches a template to the host according to its VMM version. Virtual machines created from the same image share one template; when a virtual machine requests verification for the first time, the verification program matches a template to the virtual machine according to the ID and name of the image file from which it was created.
The trusted virtualization management end also stores the signature key public key uploaded by the server end in the key database in encrypted form; the key storage process is as follows:
the signature key public key generated by the TPM of the management end is provided to the server end in a secure way;
the server end generates a signature key using its own TPM, and encrypts and signs the public key of that signature key using the public key provided by the management end;
the encrypted and signed public key is uploaded to the management end over a secure transmission channel;
after the management end verifies that the signature is correct, the encrypted server public key is stored in the key database.
Trusted data management, key management and configuration management are all carried out through the management side.
Trusted data management covers the trusted data and trusted state of the physical machine operating system and the virtual machine operating system, and consists of reference value management and measurement management.
Reference value management provides deletion and querying of the reference values of the physical machine operating system and the virtual machine operating system. Measurement management covers viewing measurement values, managing measurement configuration files and managing the trusted state. Viewing measurement values means viewing the measurement values of the physical machine operating system and the virtual machine operating system, the measurement logs and the storage locations of the measurement reports; measurement configuration file management means generating a measurement configuration file for a specified physical machine operating system or virtual machine operating system and sending it to the server it belongs to; trusted state management means viewing the trusted state of the most recent boot of the physical machine operating system and the virtual machine operating system.
Key management covers the signing-key public key of the server and consists of key storage, key deletion and key check.
Configuration management covers virtual machine images and virtual machine instances and consists of image management and virtual machine management. Image management means viewing the image information on a particular host; virtual machine management means remotely starting, shutting down and restarting virtual machines through the Web management side, and viewing the currently running virtual machine instances and their trusted state.
Before the management side and the server side interact, the trusted state of the server platform is verified by remote attestation. In remote attestation, one of two nodes in a network reports information about its platform to the other in an agreed format and protocol, so that the other node can obtain that information and judge the trusted state of the reporting platform. Its purpose is to let the two nodes judge the trusted state of each other's platform before interacting; data exchange between the nodes is permitted only if the platform's trusted state meets the requirements of the interaction.
After the trusted virtualization management side receives the integrity report and the measurement log, it first verifies the signature on the report, then checks the integrity report and measurement log submitted by the client against the PCR reference values and the reference log stored in the reference value database, and records the verification result once these checks pass.
Data communication between the management side and the server side goes through the data transmission interface. Confidentiality of the transmitted data is provided by an SSL secure channel; the interface parses the Web service requests sent by the server side and returns data to the server side in XML format.
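The following Go program is added here to carry the verification just described through on constructed sample data; it is not code from the patent. The management side checks the report signature, replays the measurement log with the TPM extend rule to the quoted PCR values, compares those values with the PCR reference values, and checks every log entry against the reference log. Everything beyond what the page states is an assumption: the log and report structures, a software ECDSA key standing in for the server's enrolled TPM signing key, a 24-PCR SHA-256 bank whose PCRs start at all zeros, and a verifier-chosen nonce bound into the signed digest so that an old report cannot be replayed. `Verify` returns every finding rather than stopping at the first, so the operator can see why a host fails.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// LogEntry is one measurement log record: PCR extended, digest, component name.
type LogEntry struct {
	PCR    int
	Digest [32]byte
	Name   string
}

// IntegrityReport is the server's signed quote over its PCR values.
type IntegrityReport struct {
	PCRs      map[int][32]byte
	Signature []byte // ECDSA (ASN.1) over quoteDigest(nonce, PCRs)
}

// ReferenceDB holds the expected PCR values and the reference log (the allowed digests).
type ReferenceDB struct {
	PCRs      map[int][32]byte
	KnownGood map[[32]byte]string
}

// quoteDigest binds the verifier's nonce (not in the page; it stops an old report from
// being replayed) to all 24 PCRs in fixed order, absent ones hashed as zeros.
func quoteDigest(nonce []byte, pcrs map[int][32]byte) []byte {
	h := sha256.New()
	h.Write(nonce)
	for i := 0; i < 24; i++ {
		v := pcrs[i]
		h.Write(v[:])
	}
	return h.Sum(nil)
}

// ReplayLog recomputes PCRs with the extend rule PCR' = SHA-256(PCR || digest), from zeros.
func ReplayLog(log []LogEntry) map[int][32]byte {
	pcrs := map[int][32]byte{}
	for _, e := range log {
		cur := pcrs[e.PCR]
		pcrs[e.PCR] = sha256.Sum256(append(cur[:], e.Digest[:]...))
	}
	return pcrs
}

// BuildReference derives reference values from a known-good boot's log (the agent's report).
func BuildReference(golden []LogEntry) *ReferenceDB {
	ref := &ReferenceDB{PCRs: ReplayLog(golden), KnownGood: map[[32]byte]string{}}
	for _, e := range golden {
		ref.KnownGood[e.Digest] = e.Name
	}
	return ref
}

// Quote is the server side: sign the PCR state; the ECDSA key stands in for the TPM key.
func Quote(priv *ecdsa.PrivateKey, nonce []byte, log []LogEntry) (*IntegrityReport, error) {
	pcrs := ReplayLog(log)
	sig, err := ecdsa.SignASN1(rand.Reader, priv, quoteDigest(nonce, pcrs))
	if err != nil {
		return nil, err
	}
	return &IntegrityReport{PCRs: pcrs, Signature: sig}, nil
}

// Verify is the management side in the page's order: signature first, then the report
// and the log against the reference database. Every finding is returned, not just the first.
func Verify(pub *ecdsa.PublicKey, nonce []byte, rep *IntegrityReport, log []LogEntry, ref *ReferenceDB) (bool, []string) {
	if !ecdsa.VerifyASN1(pub, quoteDigest(nonce, rep.PCRs), rep.Signature) {
		return false, []string{"report signature invalid (wrong key, altered PCRs or stale nonce)"}
	}
	var findings []string
	replayed := ReplayLog(log)
	for i, want := range ref.PCRs {
		if got := rep.PCRs[i]; replayed[i] != got {
			findings = append(findings, fmt.Sprintf("PCR%d: log does not replay to the quoted value", i))
		} else if got != want {
			findings = append(findings, fmt.Sprintf("PCR%d: %x.. differs from reference %x..", i, got[:4], want[:4]))
		}
	}
	for _, e := range log {
		if _, ok := ref.KnownGood[e.Digest]; !ok {
			findings = append(findings, fmt.Sprintf("PCR%d: unknown measurement for %q", e.PCR, e.Name))
		}
	}
	return len(findings) == 0, findings
}

func main() {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	golden := []LogEntry{{8, sha256.Sum256([]byte("vmlinuz sample")), "kernel"}} // constructed
	nonce := []byte("nonce chosen by the verifier for this request")
	rep, _ := Quote(priv, nonce, golden)
	fmt.Println(Verify(&priv.PublicKey, nonce, rep, golden, BuildReference(golden)))
}
```

The two PCR checks are kept separate on purpose: a log that does not replay to the quoted value means the log was edited or truncated after the quote, while a log that replays correctly but to a value that differs from the reference means the host really did boot something else, and the reference-log pass then names the component.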
An embodiment of the invention also discloses a trusted virtualization platform management device, comprising:
a memory for storing a computer program; and
a processor for executing the computer program to implement the trusted virtualization platform management method.
An embodiment of the invention also discloses a readable storage medium storing a computer program which, when executed by a processor, implements the trusted virtualization platform management method.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (10)

1. A trusted virtualization platform management system, the system comprising:
a trusted virtualization management side and a server side;
the trusted virtualization management side communicating with the server side through an SSL channel;
the trusted virtualization management side comprising a Web management module, a remote attestation module and a data transmission interface module;
the Web management module being used to manage the trusted data and trusted state of the physical machine operating system and the virtual machine operating system, to manage the signing-key public key of the server, and to manage virtual machine images and virtual machine instances;
the remote attestation module being used to verify the trusted state of the server platform, by verifying the measurement report and the measurement log, before data interaction between the management side and the server side;
the data transmission interface module being used to provide a data transmission interface.
2. The trusted virtualization platform management system of claim 1, wherein the Web management module comprises a trusted data management submodule, a key management submodule and a configuration management submodule.
3. The trusted virtualization platform management system of claim 2, wherein the trusted data management submodule comprises a reference value management unit and a measurement management unit;
the reference value management unit being used to delete and query reference values of the physical machine operating system and the virtual machine operating system;
the measurement management unit being used to view measurement values, manage measurement configuration files and manage the trusted state, wherein viewing measurement values comprises viewing the measurement values of the physical machine operating system and the virtual machine operating system, the measurement log and the storage location of the measurement report; managing measurement configuration files comprises generating a measurement configuration file for a specified physical machine operating system or virtual machine operating system and issuing it to the server on which that operating system runs; and managing the trusted state comprises viewing the trusted state of the most recent boot of the physical machine operating system and the virtual machine operating system.
4. The trusted virtualization platform management system of claim 1, wherein the configuration management submodule comprises an image management unit and a virtual machine management unit;
the image management unit being used to view image information on a particular host;
the virtual machine management unit being used to start, shut down and restart virtual machines through the Web management module, and to view the currently running virtual machine instances and their trusted state.
5. A trusted virtualization platform management method, the method comprising:
the management side collecting reference value information from the server side and importing it into a reference value database, in order to manage the trusted data and the trusted state;
the server side encrypting the public key of its signing key with the public key provided by the management side and signing it, and the management side storing the encrypted key in a key database;
before the management side and the server side exchange data, verifying the trusted state of the server platform by checking the measurement report and the measurement log against the key in the key database and the PCR reference values and reference log in the reference value database.
6. The trusted virtualization platform management method of claim 5, wherein the management side collects the reference value information from the server side and imports it into the reference value database as follows:
a reference value collection agent is run on the host or virtual machine whose reference values are to be exported, a reference value report in XML format is exported and copied to the management side, and the collected reference values are imported into the database with the reference value import program installed on the management side.
7. The trusted virtualization platform management method of claim 5, wherein the server side encrypts and signs the public key of its signing key with the public key provided by the management side and the management side stores it in the key database as follows:
the management side provides the signing-key public key generated by its TPM to the server side by a secure means;
the server side generates a signing key with its own TPM, encrypts the public key of that signing key with the public key provided by the management side, and signs it with the signing key;
the server side uploads the encrypted and signed public key to the management side over a secure transmission channel;
after the management side verifies that the signature is correct, it stores the encrypted server public key in the key database.
8. The trusted virtualization platform management method of claim 5, wherein the management side and the server side communicate through an SSL channel.
9. A trusted virtualization platform management device, comprising:
a memory for storing a computer program;
a processor for executing the computer program to implement the trusted virtualization platform management method according to any one of claims 5 to 8.
10. A readable storage medium for storing a computer program, wherein the computer program, when executed by a processor, implements the trusted virtualization platform management method according to any one of claims 5 to 8.
CN202010154802.3A 2020-03-08 2020-03-08 Trusted virtualization platform management system and method Withdrawn CN111475813A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010154802.3A CN111475813A (en) 2020-03-08 2020-03-08 Trusted virtualization platform management system and method

Publications (1)

Publication Number Publication Date
CN111475813A true CN111475813A (en) 2020-07-31

Family

ID=71747275

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112256392A * 2020-10-22 2021-01-22 海光信息技术股份有限公司 Measurement method, measurement device and related equipment
CN112214769A * 2020-10-30 2021-01-12 国家电网有限公司信息通信分公司 Active measurement system of Windows system based on SGX architecture
CN112214769B * 2020-10-30 2023-05-26 国家电网有限公司信息通信分公司 Active measurement system of Windows system based on SGX architecture


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20200731