CN113407342A - Trusted computing node dynamic management method under cloud environment - Google Patents

Abstract

The invention discloses a dynamic management method of trusted computing nodes in a cloud environment, which comprises the steps of firstly establishing a trusted node time tree model; setting a node configuration protocol, and acquiring the own serial number, the IP of a precursor node and a public key certificate from the RT by the MT; configuring a node registration protocol for RT verification of the integrity of all the MTs after starting, and adding the MTs into a trusted node network through verification; the node deregistration protocol is configured so that the state of the successor node continues to be passed on to the RT. The invention ensures that a large number of nodes can be simultaneously registered, batch logout and maintained, and realizes the credible transmission among the nodes.

Description

Trusted computing node dynamic management method under cloud environment

Technical Field

The invention relates to a dynamic management method of a trusted node in a trusted cloud platform construction process, in particular to a cloud platform trusted node dynamic management method based on a time tree in a cloud environment.

Background

Cloud computing provides resources externally in an on-demand service manner by integrating ultra-large-scale computing and storage resources. More and more businesses are beginning to employ cloud computing, with Gartner projected that one third of the global digital content will be stored on the cloud in 2016, and Forrester projected that the global cloud computing market will scale to $ 2140 billion in 2020. However, the development of cloud computing still faces many challenges, where cloud security has become the biggest obstacle to its development. Gartner's findings show that more than 70% of visited business chief technologists represent a near-term lack of adoption of cloud computing, primarily due to concerns over data security and privacy protection. Traditional data encryption can only protect the security of data storage, and when data is operated in a clear text form in the cloud, the data still faces leakage caused by malicious or error of employees in a cloud service provider, so that a mechanism is needed to ensure the confidentiality and integrity of computing in a cloud platform. The trusted cloud platform based on the trusted computing technology can verify whether the current platform state is trusted before the user application is loaded, so that the confidentiality and the integrity of data are guaranteed. More and more trusted cloud service schemes based on user authentication or third party authentication are proposed, but the problem is how to ensure that the cloud service provider is trusted. If the cloud service provider cannot do this, the cloud service is likely to fail authentication when the user uses the above scheme, resulting in failure of service transactions by both parties, which is disadvantageous to both parties.

Current researchers proposed TCCP options to introduce Trusted Coordinators (TCs) to manage trusted computing nodes inside a cloud platform. And the TC is responsible for processing the joining, quitting and maintenance of the trusted nodes in the cloud platform. Since it takes about 1s or more for a TC to perform a trusted node join operation once, the overhead in time is intolerable when a large number of nodes join simultaneously. Meanwhile, the TC is responsible for managing all nodes, and when the nodes are large in scale, the TC is likely to become a bottleneck. Although researchers propose that a Ciphertext Policy Encryption framework (CPABE) Based on attributes is adopted between a monitoring node and a managed node, the time cost for a large number of nodes to join a trusted cloud platform at the same time is reduced, and when management operations such as batch logout and maintenance of the nodes are involved, the monitoring node still becomes a system bottleneck.

Disclosure of Invention

The invention provides a dynamic management method for trusted computing nodes in a cloud environment, which realizes simultaneous and rapid registration, batch logout and maintenance of a large number of nodes.

The invention discloses a method for dynamically managing trusted computing nodes in a cloud environment, which comprises the following steps:

the method comprises the following steps: establishing a trusted node time tree model

Defining a time tree T as a binary group<V，E>Where V is a finite set of n (n ≧ 0) nodes, and V ═ V_iI is not less than 0 and not more than n-1, E is the set of edges between nodes, E is a retaining circle<v_i，v_j>|v_i，v_j∈V，i≠j}；

v_i＝<I，t>Wherein I is a set of node numbers I, I belongs to [0, n-1 ]]T is a time attribute, t belongs to [0, v ∈ ]_i]Defining the time attribute t as the time when the node is added into the time tree, if v_iAnd v_jWhen the time tree is added at the same time, t is_i＝t_j(ii) a If v is_iPreceding v_jAdding a time tree, then there is t_i＜t_jI and t satisfy the following relationship:

f (i) is defined as

V is when and only when i and j satisfy j ═ f (i)_i，v_jE, in this case, v_iIs v_jV successor node of_jIs v_iIs a precursor node，v_jAll successor nodes of (1) are brother nodes;

when V is phi, T is called as a space time tree; when V is not equal to phi, randomly determining the serial number by the nodes in V, determining the time attribute value of the nodes according to the formula (1), and uniquely constructing a time tree according to the serial number and the time attribute of each node;

if the time tree T is not empty, call<0，0>Is the root node, if

Balance<i，t_i>Is a leaf node, otherwise<i，t_i>Referred to as a branch node;

step two: provisioning node configuration protocol

RT denotes a management node, MT denotes a service node; the node configuration protocol comprises information exchange between the MT and the RT, and the MT acquires the number of the MT, the IP of the precursor node and a public key certificate from the RT; the node configuration protocol is executed after the trusted network is started or restarted;

step three: configuring node registration protocols

The node registration protocol is used for verifying the integrity of all the MTs after starting by the RT, the MTs are added into a trusted node network through verification to form a trusted node management network with a time tree topology, and the state of each MT in the network is actively reported to the RT through the predecessor nodes in a first-level and first-level manner; the execution of the node registration protocol occurs between the MT and the RT, and between the MT and the predecessor node; the MT actively executes a node registration protocol after each restart;

step four: configuring node logout protocol

And the cloud administrator reduces the node scale by logging out a part of MT, and if the logged-out MT node is a branch node, the state of a subsequent node is continuously transmitted to the RT by configuring the node logging-out protocol.

Further, the time tree formed in the first step includes a hierarchy of nodes according to the time attribute value t and a hierarchy of nodes according to the sibling relationship.

Further, the specific process of information exchange between the MT and the RT in step two is as follows:

1)MT_isending numbering request information UUID to RT_i；

2) RT by UUID_iQuerying a node state database for an ID_iSimultaneously sending response information ID_i；

3)MT_iID (identity)_iIn the formula (2), the precursor node number ID is calculated_jSending predecessor node information request ID at the same time_j；

4) RT pass ID_jQuerying a node state database to obtain a UUID_jAnd then through UUID_jInquiring a cloud node database to obtain IP_jAnd PK_jSimultaneously to MT_iSending response information IP_jAnd PK_j(ii) a RT by UUID_iQuery cloud node database for PK_i、CON_iAnd CHECKVALUE_iSimultaneously to M/RTPM_i→jSending information ID_i、PK_i、CON_iAnd CHECKVALUE_i；

MT_iID (identity)_i、IP_jAnd PK_jStoring into non-volatile memory of TPM, M/RTPM_i→jID (identity)_iAnd PK_iStoring in a non-volatile memory of the TPM, CON_iAnd CHECKVALUE_iStoring the data in a reference database;

wherein the content of the first and second substances,

ID_ithe number of the node i is used for identifying a node in the trusted node management network and the node state database;

MT_iindicating node number as ID_iThe service node of (2);

UUID_ithe UUID representing the node i is used for permanently identifying a node in the trusted network and the cloud node database;

IP_ian IP address representing node i;

PK_irespectively representing the public keys of the nodes i;

CON_irepresenting the configuration type of the node i, corresponding to a certain configuration type in the node configuration database;

CHECKVALUE_ithe reference value representing the node i is the sum of CON in the node configuration database_iFingerprints corresponding to the types;

M/RTPM_i→jrepresenting a predecessor node j of node i.

Further, MT_iAnd M/RTPM_i→jThe process of information exchange between the two parties comprises the following specific flows:

1)MT_ito M/RTPM_i→jSending registration request information ID_i、CON_iAnd a random number n₁；

2)M/RTPM_i→jTo MTPM_iSending response message random number n₂Signature SIG₁：{n₁，t}SK_j；

3)MTPM_iVerification SIG₁And if the response information is verified and sent: signature SIG₂：{n₁，n₂，ML_i}SK_jOtherwise, sending SUSPEND signal SUSPEND, waiting for the next authentication period to register again;

4)M/RTPM_i→jverification SIG₂If the verification is passed, generating KEY_ijAnd sending response information: { KEY_ij}PK_i，{HEYSET，IPSET}KEY_ijWherein KEYSET is M/RTPM_i→jThe IPSET is an IP set of each node; simultaneous M/RTPM_i→jSending KEY to other successor nodes_ijAnd IP_iIf the verification fails, the MTPM is sent to the front-driving node_iIs not trusted;

wherein, MTPM_iA service node which is a precursor node and lacks time;

SK_iis the private key of node i;

{ M } K denotes the encryption of message M with key K;

KEY_ij: a symmetric key representing the sharing of nodes i and j;

ML_i: an integrity metric value, representing node i, is generated by the trusted evidence collection component.

Further, the node de-registration protocol includes,

let R be the management node, A, Z be the successor node of R, B be the successor node of A, B be the predecessor node of C, D, X, and X be the leaf node;

the node B logout process is as follows:

1) r sends PKZ a deregistration command to B, and removes B from the node state database;

2) b, after receiving the logout command, forwarding PKA and PKZ to X, sending PKX and IPX to A and R, sending IDX to R, and sending PKX to C and D; thereafter B's responsibility in the trusted node management network is assumed by X, B shuts down the computer;

3) after receiving the PKA and PKZ, the X stores PKZ in the non-volatile memory of the TPM; updating the public key of the precursor node to be PKA, updating the IP of the precursor node to be IPA, and changing the number of the precursor node to be IDB; c and D update the public key of the predecessor node to be PKX and the IP of the predecessor node to be IPX after receiving the PKX; after receiving the PKX and the IPX, the A modifies the public key information of the B into the PKX, and establishes a trusted channel through the IPX and the X; after receiving the PKX, the IPX and the IDX, the R forwards the PKX, the IPX and the IDX to the Z; modifying the serial number of Z as IDX and modifying the serial number of X as IDB in the node state database;

4) after receiving the PKX, the IPX and the IDX, the Z sends a termination command to the precursor node, modifies the IP of the precursor node into the IPX, modifies the public key of the precursor node into the PKX, modifies the number of the precursor node into the IDX, and re-executes a node registration protocol;

the node X logout process is as follows:

1) r sends a logout command PKZ to X, changes the number of Z into IDX, sends IDX to Z, and deletes X from the node state database;

2) b modifies the stored PKX into PKZ, and sends IPB and PKB to R; x closes the computer after receiving the logout command; after receiving the IDX, the Z changes the number of the Z into the IDX;

3) after receiving the IPB and the PKB, the R forwards the IPB and the PKB to the Z;

4) z sends a termination command to the precursor node after receiving the IPB and the PKB, modifies the IP of the precursor node into the IPB, modifies the public key of the precursor node into the PKB, and re-executes the node registration protocol; when a large number of MTs are logged out, the RT logs out leaf nodes firstly and logs out branch nodes with large numbers secondly.

Further, the method also comprises a protocol for configuring the node state real-time monitoring, which comprises the following steps:

each node in the TPM alliance initializes 2 empty sets NoTrustedList and LeftList, wherein elements in the NoTrustedList are the number and the type of the node, and elements in the LeftList are leaf node numbers; meanwhile, each node maintains a successor node list subsequentlst, and elements in the list are arranged in a descending order according to the node number;

the status of MT is divided into 3 types:

credibility, i.e. the integrity of the system is not destroyed;

untrusted, i.e. the integrity of some processes in the system is destroyed but the MT integrity of the node is not destroyed, and it is marked as type 1 or the MT integrity of the node is destroyed but the MT integrity of at least one node in the node's predecessor and all siblings is not destroyed, and it is marked as type 2;

the state is unknown, namely the state of the MT is not transferred to the RT through the trusted node management network;

each node in the TPM federation operates as follows:

1) taking a successor node from the SubsequentList;

2) judging whether a trusted channel with the subsequent node is disconnected, if so, inserting the number and the type 2 of the subsequent node into the NoTrustedList; otherwise, verifying the credible evidence, and if the verification fails, inserting the number and the type 1 of the subsequent node into the NoTrustedList;

3) judging whether the subsequent nodes are leaves, if so, inserting the serial numbers into the leftList;

4) inserting the NoTrustedList of the subsequent node into the NoTrustedList of the node, and inserting the leftList of the subsequent node into the leftList of the node;

5) judging whether the subsequent node is the last element in the SubsequentList or not, and if not, skipping to 1) to execute;

6) transmitting the credible evidence, NoTrustedList and leftList of the node to the precursor node; the nortrustedlist and LeftList in the RT node will be state information about the nodes in the entire trusted network; the RT calculates a leaf node number list NoStatusList with unknown state through a leftList;

6.1) taking a leaf node number from NoStatusList, inserting the leaf node number into NoTrustedList, and setting the type as 2;

6.2) calculating the number of the precursor node according to the number, if the number of the precursor node does not appear in the NoTrustedList, inserting the number of the precursor node into the NoTrustedList, setting the type as 2, and jumping to 6.2) for execution;

6.3) judging whether the NoStatusList is traversed or not, and if not, jumping to 6.1) to execute.

7. The method for dynamically managing trusted computing nodes based on unified policy control under cloud environment according to claim 1, further comprising configuring a trusted node management network repair protocol, including:

1) if the leaf node fails, the RT isolates the node through an alarm and gives an alarm to a cloud administrator; after the cloud administrator repairs the node, the node rejoins the TPM alliance according to the node registration protocol;

2) if a single branch node has a fault, A, B, C, D, E is set to represent MT, the fault of B causes the local connection interruption of the trusted node management network, the node C with the largest number is selected from the successor node C, D, E of B to replace B, and the communication of the local network can be recovered; meanwhile, the RT isolates the B through an alarm and gives an alarm to a cloud administrator, the B is restored and then joins the TPM alliance again according to the node registration protocol, and then the trusted node management network is restored;

3) if the node and the predecessor node have faults simultaneously, B, C, F, G, Z represents MT, R represents RT, B and C faults cause the local connection interruption of the trusted node management network, and at the moment, the successor node of B rebuilds the network according to the mode of the step 2); selecting a node F with the largest number from a successor node F, G of the C to replace the C, wherein the F is not connected with the B any longer but is directly connected with the R temporarily, the R selects a node Z with the largest number from the TPM alliance as a predecessor node of the F, and after the F is connected with the Z, the communication of the local network can be recovered; meanwhile, the RT is isolated B, C through an alarm and gives an alarm to a cloud administrator, the RT rejoins the TPM alliance according to the node registration protocol after B, C repair, and then the trusted node management network is repaired.

The invention forms a trusted node management network by the nodes in the trusted network according to the time tree model, and an administrator configures a trusted node configuration protocol, a registration protocol and a logout protocol, and the execution of the protocol does not necessarily occur between the MT and the RT, but occurs between the MT and the predecessor nodes, thereby ensuring that a large number of nodes can be simultaneously registered, logout and maintained in batches, and realizing the trusted transmission among the nodes.

Drawings

Fig. 1 is a time tree when n is 16;

FIG. 2 is a trusted node management network;

FIG. 3 is a schematic diagram of a node configuration protocol;

FIG. 4 is a schematic diagram of a node registration protocol;

FIG. 5 is a schematic diagram of a node deregistration protocol;

FIG. 6 is a state transition diagram;

FIG. 7 is a schematic diagram of a Branch node B failover strategy;

fig. 8 is a BC simultaneous failover strategy diagram.

Detailed Description

The technical scheme of the invention is further explained by the specific implementation mode in combination with the attached drawings. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.

Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart may describe the steps as a sequential process, many of the steps can be performed in parallel, concurrently or simultaneously. In addition, the order of the steps may be rearranged. The process may be terminated when its operations are completed, but may have additional steps not included in the figure.

Defining a time tree T as a binary group<V，E>Where V is a finite set of n (n ≧ 0) nodes, and V ═ V_iI is not less than 0 and not more than n-1, E is the set of edges between nodes, E is a retaining circle<v_i，v_j>|v_i，v_j∈V，i≠j}。

In addition, v_i＝<I，t>Where I is the node number, I is the set of I, I ∈ [0, n-1 ]]T is a time attribute, t is [0, v ]_i]. Defining the time attribute as the time when the node joins the time tree, if v_iAnd v_jWhen the time tree is added at the same time, t is_i＝t_j(ii) a If v is_iPreceding v_jAdding a time tree, then there is t_i＜t_j. i and t satisfy the following relationship:

f (i) is defined as

V is when and only when i and j satisfy j ═ f (i)_i，v_jE, in this case, v_iIs v_jV successor node of_jIs v_iV is a predecessor node of_jAll successor nodes of (c) are siblings.

When V is phi, T is called as a space time tree; and when V is not equal to phi, randomly determining the serial number by the node in V, and determining the time attribute value of the node according to the formula (1), wherein the time tree is uniquely constructed according to the serial number and the time attribute of each node.

If the time tree T is not empty, call<0，0>Is the root node. If it is

Balance<i，t_i>Is a leaf node, otherwise<i，t_i>Referred to as a branch node.

There are 2 representations of the resulting time tree, depending on the conditions that the set V and the set E must satisfy in the time tree definition. Fig. 1 shows a time tree with n being 16, and nodes in the time tree of the 1 st expression are layered according to a time attribute value t, as shown in fig. 1 (a). Nodes in the time tree of representation 2 are layered according to sibling relationships, see fig. 1 (b).

In a trusted node management network formed by nodes in the trusted network according to a time tree model, RT represents a management node, and MT represents a service node. The RT is numbered 0 and the MT is numbered as defined by the time tree and specified by the cloud administrator when the trusted network initializes to create the node state database. The time attribute value of the node indicates that the node is added to the trusted node management network in the authentication period. The authentication period represents the time it takes to perform remote attestation between 2 nodes.

FIG. 2 is a diagram of a trusted node management network built by a time tree layered according to a time attribute value t.

Before describing the embodiments, the present invention makes the following convention.

UUID_i: and the UUID representing the node i is used for permanently identifying one node in the trusted network and the cloud node database.

ID_i: and the number of the node i is used for identifying one node in the trusted node management network and the node state database.

MT_i: indicating node number as ID_iThe serving node of (1).

M/RTPM_i→j: representing a predecessor node j of node i.

IP_i: indicating the IP address of node i.

PK_i、SK_i: respectively representing the public key and the private key of node i.

KEY_ij: representing the symmetric key shared by nodes i and j.

ML_i: an integrity metric value, representing node i, is generated by the trusted evidence collection component.

CON_i: the configuration type of the node i is represented and corresponds to a certain configuration type in the node configuration database.

CHECKVALUE_i: the reference value representing the node i is the node configurationAnd CON in database_iThe type corresponds to the fingerprint.

{ M } K: indicating that message M is encrypted with key K.

The invention uses a trusted security server to configure Intel Xeon E5620, 4G DDRIII and STCM, runs Linux 3.11.0, uses Octave to simulate 100 ten thousand nodes to establish TPM alliance, and the configuration method comprises the following steps:

the method comprises the following steps: the administrator sets a node configuration protocol, so that the MT acquires the serial number of the MT, the IP of the precursor node and a public key certificate from the RT to establish a trusted node management network. The protocol is executed after the trusted network has booted (including rebooting).

Fig. 3 describes the process of information exchange between MT and RT for plumber alignment, and the specific flow is as follows:

1)MT_isending numbering request information UUID to RT_i。

2) RT by UUID_iQuerying a node state database for an ID_iSimultaneously sending response information ID_i。

3)MT_iID (identity)_iIn the formula (2), the precursor node number ID is calculated_jSending predecessor node information request ID at the same time_j。

4) RT pass ID_jQuerying a node state database to obtain a UUID_jAnd then through UUID_jInquiring a cloud node database to obtain IP_jAnd PK_jSimultaneously to MT_iAnd sending response information: IP (Internet protocol)_jAnd PK_j(ii) a RT by UUID_iQuery cloud node database for PK_i、CON_iAnd CHECKVALUE_iSimultaneously to M/RTPM_i→jSending information ID_i、PK_i、CON_iAnd CHECKVALUE_i。

MT_iID (identity)_i、IP_jAnd PK_jTo the non-volatile memory of the TPM. M/RTPM_i→jID (identity)_iAnd PK_iStoring in a non-volatile memory of the TPM, CON_iAnd CHECKVALUE_iAnd storing the data in a reference database.

Step two: the administrator configures the node registration protocol to enable the RT to verify the integrity of all MTs after startup. The MT can become a member of the trusted network to provide services through authentication. This protocol differs from the centrally based node management strategy in that the execution of the protocol does not necessarily take place between the MT and the RT, but between the MT and the predecessor nodes, thus ensuring that a large number of nodes can be registered simultaneously. The protocol simultaneously realizes the credible transmission between the nodes. The establishment of the trusted node management network is completed by each MT executing a node registration protocol, wherein the node registration protocol utilizes basic functions of TPM, such as random number generation, key generation, signature and signature verification. After each restart of the MT, the node registration protocol is actively executed, and the state of the MT is transmitted to the RT through the trusted node management network. The RT monitors the state of all MTs in real time by using a trusted node management network.

As shown in FIG. 4, the administrator configures the MT_iAnd M/RTPM_i→jThe process of information exchange between the two parties comprises the following specific flows:

1)MT_ito M/RTPM_i→jSending registration request information ID_i、CON_iAnd a random number n₁。

2)M/RTPM_i→jTo MTPM_iAnd sending response information: random number n₂Sign SIG₁：{n₁，t}SK_jWherein t is M/RTPM_i→jAnd adding the identification of the trusted node management network. MTPM_iIs a service node which is short of time for the precursor node.

3)MTPM_iVerification SIG₁And if the response information is verified and sent: signature SIG₂：{n₁，n₂，ML_i}SK_j. . Otherwise, a SUSPEND signal SUSPEND is sent to wait for the next authentication period to re-register.

4)M/RTPM_i→jVerification SIG₂If the verification is passed, generating KEY_ijAnd sending response information: { KEY_ij}PK_i，{KEYSET，IPSET}KEY_ijWherein KEYSET is M/RTPM_i→jAnd the IPSET is an IP set of each node. Simultaneous M/RTPM_i→jSending KEY to other successor nodes_ijAnd IP_i. If the verification fails, the MTPM is sent to the front-driving node_iIs not trusted.

Step three: the administrator configures a node logout protocol, and when the MT is added to the trusted network through the node registration protocol, a trusted node management network of a time tree topology is formed. The state of each MT in the network is actively reported to the RT by the level one of the precursor nodes. When the cloud administrator reduces the node size, a part of MT can be cancelled, and if the cancelled MT node is a branch node, the state of a subsequent node cannot be transferred to the RT. In order to enable the trusted network to freely control the MT number without destroying the trusted node management network, the following policy needs to be adopted for the node deregistration, and the specific flow is as follows:

first, as shown in fig. 5(a), the operation procedure of deregistering the node B is as follows:

1) r sends logout command and PK to B_ZAnd at the same time, deleting B from the node status database.

2) B after receiving the logout command, the PK is connected with the server_AAnd PK_ZForward to X, PK_XAnd IP_XSends ID to A and R_XSends to R, PK_XSent to C and D. Thereafter the role of B in the trusted node management network is assumed by X, B shutting down the computer.

3) X receives PK_AAnd PK_ZThen, PK is treated_ZTo the non-volatile memory of the TPM. X updates the public key of the predecessor node to PK_AUpdating the IP of the predecessor node to IP_AChange its own number to ID_B. C and D receipt of PK_XThen, the public key of the predecessor node is updated to PK_XAnd updating the IP of the precursor node to be IPX. A receives PK_XAnd IP_XThen, modifying the public key information of B into PK_XOver IP_XAnd establishing a trusted channel with X. R receives PK_X、IP_XAnd ID_XThen, PK is treated_X、IP_XAnd ID_XAnd forwarded to Z. Modifying the number of Z to ID in the node status database_XModifying the number of X to ID_B。

4) Z receipt of PK_X、IP_XAnd ID_XThen, sending a termination command to the predecessor node, and modifying the IP of the predecessor node into the IP_XModifying the public key of the predecessor node to PK_XModifying its own number to ID_XAnd re-executing the node registration protocol.

Next, as shown in fig. 5(b), the operation procedure of the cancellation node X is as follows:

1) r sends logout command and PK to X_ZChanging the number of Z to ID_XWill ID_XAnd sending the data to Z, and deleting X from the node state database.

2) B PK to be stored_XModified to PK_ZSending IP to R_BAnd PK_B. And the X shuts down the computer after receiving the logout command. Z receive ID_XThen, the number of the user is changed into ID_X。

3) R receives and sends IP_BAnd PK_BThen, IP will be_BAnd PK_BAnd forwarded to Z.

4) Z-received IP_BAnd PK_BSending a termination command to the precursor node, and modifying the IP of the precursor node into the IP_BModifying the public key of the predecessor node to PK_BAnd re-executing the node registration protocol. When a large number of MTs are logged off, the RT logs off leaf nodes firstly and then logs off branch nodes with large numbers, so that the simultaneous logging-off of all the MTs can be ensured.

Step four: and configuring a node state real-time monitoring protocol by an administrator. Each node in the TPM alliance initializes 2 empty sets, noutrustedlist and LeftList, where elements in noutrustedlist are the number of the node and its type, and elements in LeftList are leaf node numbers. Meanwhile, each node maintains a successor node list subsequentlst, and elements in the list are arranged in a descending order according to the node number. The status of MT is divided into 3 types: credibility, i.e. the integrity of the system is not destroyed; untrusted, i.e. the integrity of some processes in the system is destroyed but the MT integrity of the node is not destroyed (denoted as type 1) or the MT integrity of the node is destroyed but the MT integrity of at least one node of its predecessor and all siblings is not destroyed (denoted as type 2); the state is unknown, i.e. the state of the MT is not passed to the RT through the trusted node management network. The state transition of the node is shown in fig. 6, where the dashed ellipse indicates that the state is transient.

Specifically, each node in the TPM federation performs the following operations:

1) a successor node is taken from SubsequentList.

2) Judging whether a trusted channel with the subsequent node is disconnected, if so, inserting the number and the type 2 of the subsequent node into the NoTrustedList; otherwise, verifying the credible evidence, and if the verification fails, inserting the subsequent node number and the type 1 into the NoTrustedList.

3) And judging whether the subsequent node is a leaf or not, and if so, inserting the serial number into the leftList.

4) And inserting the NoTrustedList of the successor node into the NoTrustedList of the node, and inserting the leftList of the successor node into the leftList of the node.

5) And judging whether the subsequent node is the last element in the SubsequentList, and if not, jumping to 1) to execute.

6) And transmitting the credible evidence, the NoTrustedList and the leftList of the node to the precursor node. The nortrustedlist and LeftList in the RT node will be state information about the nodes in the entire trusted network. And the RT calculates a leaf node number list NoStatusList with unknown state through a leftList. 1) A leaf node number is taken from NoStatusList and inserted into NoTrustedList with the type set to 2. 2) And calculating the number of the precursor node according to the number, and if the number of the precursor node does not appear in the NoTrustedList, inserting the number of the precursor node into the NoTrustedList, setting the type as 2, and jumping to 2) for execution. 3) And judging whether the NoStatusList is traversed or not, and if not, jumping to 1) to execute.

Step five: an administrator configures a trusted node management network repair protocol, and a repair strategy is divided into three conditions:

1) if the leaf node fails, the RT isolates the node through an alarm and gives an alarm to a cloud administrator. And after the cloud administrator repairs the node, the node rejoins the TPM alliance according to the node registration protocol.

2) If a single branch node fails, the repair strategy is as shown in fig. 7.

Wherein A, B, C, D, E represents MT, B failure causes a trusted node to manage network local connectivity disruption, and a node is selected from B's successor nodes C, D, E to replace B. The selection rule is to select the node with the largest number. Assuming that the number C is the largest in fig. 7, C is selected instead of B, and the communication of the local network can be recovered. And meanwhile, the RT isolates the B through an alarm and gives an alarm to a cloud administrator, the B rejoins the TPM alliance according to the node registration protocol after being repaired, and then the trusted node management network is repaired.

3) If a node fails simultaneously with a predecessor node, the repair strategy is shown in fig. 8. Wherein B, C, F, G, Z represents MT and R represents RT. B. C, the failure causes the local connection of the trusted node management network to be interrupted, at the moment, the subsequent node of B rebuilds the network according to the mode of FIG. 7, and an example is not given in the figure; and a node is selected from the successor nodes F, G of the C to replace the C, and the selection rule is still the node with the largest number. In the figure, it is assumed that F number is larger than G number, so F is selected instead of C. Because the predecessor B of the C fails, F does not establish connection with B any more, but directly establishes temporary connection with R, R selects a node Z with the largest number from the TPM alliance as the predecessor node of F, and communication of the local network can be recovered after the F establishes connection with Z. Meanwhile, the RT is isolated B, C through an alarm and gives an alarm to a cloud administrator, the RT rejoins the TPM alliance according to the node registration protocol after B, C repair, and then the trusted node management network is repaired.

Claims (7)

1. The method for dynamically managing the trusted computing nodes in the cloud environment is characterized by comprising the following steps:

the method comprises the following steps: establishing a trusted node time tree model

Defining a time tree T as a binary group<V，E>Where V is a finite set of n (n ≧ 0) nodes, and V ═ V_iI is not less than 0 and not more than n-1, E is the set of edges between nodes, E is a retaining circle<v_i，v_j>|v_i，v_j∈V，i≠j}；

v_i＝<I，t>Wherein I is a set of node numbers I, I belongs to [0, n-1 ]]T is a time attribute, t belongs to[0，v_i]Defining the time attribute t as the time when the node is added into the time tree, if v_iAnd v_jWhen the time tree is added at the same time, t is_i＝t_j(ii) a If v is_iPreceding v_jAdding a time tree, then there is t_i＜t_jI and t satisfy the following relationship:

f (i) is defined as

V is when and only when i and j satisfy j ═ f (i)_i，v_jE, in this case, v_iIs v_jV successor node of_jIs v_iV is a predecessor node of_jAll successor nodes of (1) are brother nodes;

when V is phi, T is called as a space time tree; when V is not equal to phi, randomly determining the serial number by the nodes in V, determining the time attribute value of the nodes according to the formula (1), and uniquely constructing a time tree according to the serial number and the time attribute of each node;

if the time tree T is not empty, call<0，0>Is the root node, if

Balance<i，t_i>Is a leaf node, otherwise<i，t_i>Referred to as a branch node;

step two: provisioning node configuration protocol

RT denotes a management node, MT denotes a service node; the node configuration protocol comprises information exchange between the MT and the RT, and the MT acquires the number of the MT, the IP of the precursor node and a public key certificate from the RT; the node configuration protocol is executed after the trusted network is started or restarted;

step three: configuring node registration protocols

The node registration protocol is used for verifying the integrity of all the MTs after starting by the RT, the MTs are added into a trusted node network through verification to form a trusted node management network with a time tree topology, and the state of each MT in the network is actively reported to the RT through the predecessor nodes in a first-level and first-level manner; the execution of the node registration protocol occurs between the MT and the RT, and between the MT and the predecessor node; the MT actively executes a node registration protocol after each restart;

step four: configuring node logout protocol

And the cloud administrator reduces the node scale by logging out a part of MT, and if the logged-out MT node is a branch node, the state of a subsequent node is continuously transmitted to the RT by configuring the node logging-out protocol.

2. The method of claim 1, wherein the time tree formed in the first step includes a hierarchy of nodes according to a time attribute value t and a hierarchy of nodes according to a sibling relationship.

3. The method for dynamically managing trusted computing nodes in a cloud environment according to claim 1 or 2, wherein a specific process of information exchange between the MT and the RT in the second step is as follows:

1)MT_isending numbering request information UUID to RT_i；

2) RT by UUID_iQuerying a node state database for an ID_iSimultaneously sending response information ID_i；

3)MT_iID (identity)_iIn the formula (2), the precursor node number ID is calculated_jSending predecessor node information request ID at the same time_j；

4) RT pass ID_jQuerying a node state database to obtain a UUID_jAnd then through UUID_jInquiring a cloud node database to obtain IP_jAnd PK_jSimultaneously to MT_iSending response information IP_jAnd PK_j(ii) a RT by UUID_iQuery cloud node database for PK_i、CON_iAnd CHECKVALUE_iSimultaneously to M/RTPM_i→jSending information ID_i、PK_i、CON_iAnd CHECKVALUE_i；

MT_iID (identity)_i、IP_jAnd PK_jStoring into non-volatile memory of TPM, M/RTPM_i→jID (identity)_iAnd PK_iStoring in a non-volatile memory of the TPM, CON_iAnd CHECKVALUE_iStoring the data in a reference database;

wherein the content of the first and second substances,

ID_ithe number of the node i is used for identifying a node in the trusted node management network and the node state database;

MT_iindicating node number as ID_iThe service node of (2);

UUID_ithe UUID representing the node i is used for permanently identifying a node in the trusted network and the cloud node database;

IP_ian IP address representing node i;

PK_irespectively representing the public keys of the nodes i;

CON_irepresenting the configuration type of the node i, corresponding to a certain configuration type in the node configuration database;

CHECKVALUE_ithe reference value representing the node i is the sum of CON in the node configuration database_iFingerprints corresponding to the types;

M/RTPM_i→jrepresenting a predecessor node j of node i.

4. The method for dynamically managing trusted computing nodes in cloud environment according to claim 3, wherein MT_iAnd M/RTPM_i→jThe process of information exchange between the two parties comprises the following specific flows:

1)MT_ito M/RTPM_i→jSending registration request information ID_i、CON_iAnd a random number n₁；

2)M/RTPM_i→jTo MTPM_iSending response message random number n₂Signature SIG₁：{n₁，t}SK_j；

3)MTPM_iVerification SIG₁And if the response information is verified and sent: signature SIG₂：{n₁，n₂，ML_i}SK_jOtherwise, sending SUSPEND signal SUSPEND, waiting for the next authentication period to register again;

4)M/RTPM_i→jverification SIG₂If the verification is passed, generating KEY_ijAnd sending response information: { KEY_ij}PK_i，{KEYSET，IPSET}KEY_ijWherein KEYSET is M/RTPM_i→jThe IPSET is an IP set of each node; simultaneous M/RTPM_i→jSending KEY to other successor nodes_ijAnd IP_iIf the verification fails, the MTPM is sent to the front-driving node_iIs not trusted;

wherein, MTPM_iA service node which is a precursor node and lacks time;

SK_iis the private key of node i;

{ M } K denotes the encryption of message M with key K;

KEY_ij: a symmetric key representing the sharing of nodes i and j;

ML_i: an integrity metric value, representing node i, is generated by the trusted evidence collection component.

5. The method for dynamically managing trusted computing nodes in a cloud environment according to claim 4, wherein the node logout protocol includes,

let R be the management node, A, Z be the successor node of R, B be the successor node of A, B be the predecessor node of C, D, X, and X be the leaf node;

the node B logout process is as follows:

1) r sends PKZ a deregistration command to B, and removes B from the node state database;

2) b, after receiving the logout command, forwarding PKA and PKZ to X, sending PKX and IPX to A and R, sending IDX to R, and sending PKX to C and D; thereafter B's responsibility in the trusted node management network is assumed by X, B shuts down the computer;

3) after receiving PKA and PKZ, X stores PKZ in TPM's non-volatile memory: updating the public key of the precursor node to be PKA, updating the IP of the precursor node to be IPA, and changing the number of the precursor node to be IDB; c and D update the public key of the predecessor node to be PKX and the IP of the predecessor node to be IPX after receiving the PKX; after receiving the PKX and the IPX, the A modifies the public key information of the B into the PKX, and establishes a trusted channel through the IPX and the X; after receiving the PKX, the IPX and the IDX, the R forwards the PKX, the IPX and the IDX to the Z; modifying the serial number of Z as IDX and modifying the serial number of X as IDB in the node state database;

4) after receiving the PKX, the IPX and the IDX, the Z sends a termination command to the precursor node, modifies the IP of the precursor node into the IPX, modifies the public key of the precursor node into the PKX, modifies the number of the precursor node into the IDX, and re-executes a node registration protocol;

the node X logout process is as follows:

1) r sends a logout command PKZ to X, changes the number of Z into IDX, sends IDX to Z, and deletes X from the node state database;

2) b modifies the stored PKX into PKZ, and sends IPB and PKB to R; x closes the computer after receiving the logout command; after receiving the IDX, the Z changes the number of the Z into the IDX;

3) after receiving the IPB and the PKB, the R forwards the IPB and the PKB to the Z;

4) z sends a termination command to the precursor node after receiving the IPB and the PKB, modifies the IP of the precursor node into the IPB, modifies the public key of the precursor node into the PKB, and re-executes the node registration protocol; when a large number of MTs are logged out, the RT logs out leaf nodes firstly and logs out branch nodes with large numbers secondly.

6. The method for dynamically managing trusted computing nodes based on unified policy control under the cloud environment according to claim 1, further comprising configuring a node status real-time monitoring protocol, including:

each node in the TPM alliance initializes 2 empty sets NoTrustedList and LeftList, wherein elements in the NoTrustedList are the number and the type of the node, and elements in the LeftList are leaf node numbers; meanwhile, each node maintains a successor node list subsequentlst, and elements in the list are arranged in a descending order according to the node number;

the status of MT is divided into 3 types:

credibility, i.e. the integrity of the system is not destroyed;

untrusted, i.e. the integrity of some processes in the system is destroyed but the MT integrity of the node is not destroyed, and it is marked as type 1 or the MT integrity of the node is destroyed but the MT integrity of at least one node in the node's predecessor and all siblings is not destroyed, and it is marked as type 2;

the state is unknown, namely the state of the MT is not transferred to the RT through the trusted node management network;

each node in the TPM federation operates as follows:

1) taking a successor node from the SubsequentList;

2) judging whether a trusted channel with the subsequent node is disconnected, if so, inserting the number and the type 2 of the subsequent node into the NoTrustedList; otherwise, verifying the credible evidence, and if the verification fails, inserting the number and the type 1 of the subsequent node into the NoTrustedList;

3) judging whether the subsequent nodes are leaves, if so, inserting the serial numbers into the leftList;

4) inserting the NoTrustedList of the subsequent node into the NoTrustedList of the node, and inserting the leftList of the subsequent node into the leftList of the node;

5) judging whether the subsequent node is the last element in the SubsequentList or not, and if not, skipping to 1) to execute;

6) transmitting the credible evidence, NoTrustedList and leftList of the node to the precursor node; the nortrustedlist and LeftList in the RT node will be state information about the nodes in the entire trusted network; the RT calculates a leaf node number list NoStatusList with unknown state through a leftList;

6.1) taking a leaf node number from NoStatusList, inserting the leaf node number into NoTrustedList, and setting the type as 2;

6.2) calculating the number of the precursor node according to the number, if the number of the precursor node does not appear in the NoTrustedList, inserting the number of the precursor node into the NoTrustedList, setting the type as 2, and jumping to 6.2) for execution;

6.3) judging whether the NoStatusList is traversed or not, and if not, jumping to 6.1) to execute.

7. The method for dynamically managing trusted computing nodes based on unified policy control under cloud environment according to claim 1, further comprising configuring a trusted node management network repair protocol, including:

1) if the leaf node fails, the RT isolates the node through an alarm and gives an alarm to a cloud administrator; after the cloud administrator repairs the node, the node rejoins the TPM alliance according to the node registration protocol;

2) if a single branch node has a fault, A, B, C, D, E is set to represent MT, the fault of B causes the local connection interruption of the trusted node management network, the node C with the largest number is selected from the successor node C, D, E of B to replace B, and the communication of the local network can be recovered; meanwhile, the RT isolates the B through an alarm and gives an alarm to a cloud administrator, the B is restored and then joins the TPM alliance again according to the node registration protocol, and then the trusted node management network is restored;

3) if the node and the predecessor node have faults simultaneously, B, C, F, G, Z represents MT, R represents RT, B and C faults cause the local connection interruption of the trusted node management network, and at the moment, the successor node of B rebuilds the network according to the mode of the step 2); selecting a node F with the largest number from a successor node F, G of the C to replace the C, wherein the F is not connected with the B any longer but is directly connected with the R temporarily, the R selects a node Z with the largest number from the TPM alliance as a predecessor node of the F, and after the F is connected with the Z, the communication of the local network can be recovered; meanwhile, the RT is isolated B, C through an alarm and gives an alarm to a cloud administrator, the RT rejoins the TPM alliance according to the node registration protocol after B, C repair, and then the trusted node management network is repaired.

Images