CN113645230A - System and method for analyzing credible value of node - Google Patents

Info

Publication number: CN113645230A
Authority: CN (China)
Prior art keywords: trusted, node, value, oat, program running
Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202110911706.3A
Other languages: Chinese (zh)
Other versions: CN113645230B (en)
Inventors: 阮安邦, 魏明
Current Assignee: Beijing Octa Innovations Information Technology Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Beijing Octa Innovations Information Technology Co Ltd
Priority: CN202110911706.3A (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Publications: CN113645230A (application); CN113645230B (granted)
Current legal status: Active

Classifications

    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L9/0877 Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • Y04S40/20 Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Debugging And Monitoring (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a system and a method for analyzing the trusted value of a node. The system comprises a trusted streaming computing cluster, at least one OAT, and at least one node connected to each OAT, each node being provided with a TPM security chip. For each connected node, the OAT collects the fixed trusted value recorded in the node's TPM security chip together with the node's program running data, sends the program running data to the trusted streaming computing cluster, and receives the actual trusted value that the cluster computes from that data and returns.

Description

System and method for analyzing credible value of node
This application is a divisional application of the invention application with application number 201810575105.8, filed on 6 June 2018 under the title "System and method for determining credibility of nodes".
Technical Field
The invention relates to the field of trusted computing, in particular to a system and a method for analyzing a trusted value of a node.
Background
Trusted computing is a security technology addressing the architecture of computer systems: by establishing a specific integrity measurement mechanism, it gives a computing platform the ability to distinguish at run time whether program code is trusted, and thereby establishes effective prevention and control measures against untrusted program code.
At present, an OAT (open association) may collect the program running data of each connected node, perform trusted computing on that data, and determine from the result whether each node is trusted.
When the number of connected nodes is large, however, this trusted computing typically occupies substantial device resources.
Chinese patent publication No. CN105760271A discloses a method for monitoring the trusted status of computing nodes in a cluster mode. Its system consists of three parts: the trusted computing nodes, a computing-node agent program, and a cluster trusted management program. Compared with the prior art, this method reflects the integrity of each key component and file in real time, reports the tampered host and attack points promptly once a computing node is tampered with, and allows a data center administrator to repair the tampered content according to the report.
In the prior art, when the number of connected nodes is large, the program running data of every connected node must be collected and subjected to trusted computing to determine whether each node is trusted. The amount of computation is large and therefore occupies a large amount of device resources. A system and method are needed by which whether a node is trusted can be determined by executing only simple operations; hence the system and method for analyzing the trusted value of a node provided here.
Disclosure of Invention
The invention provides a system and a method for determining credibility of a node, which can reduce equipment resources occupied by credible calculation.
In order to achieve the purpose, the invention is realized by the following technical scheme:
in one aspect, the present invention provides a system for determining that a node is trusted, including:
a trusted streaming computing cluster, at least one OAT, at least one node to which each of the OATs is connected;
any one node is provided with a TPM (Trusted Platform Module) security chip;
each of the OATs is configured to perform, for each of the connected nodes: collecting a first fixed credible value recorded in a TPM security chip of a current node; collecting first program operation data of the current node; sending the first program running data to the trusted streaming computing cluster, and receiving an actual trusted value corresponding to the first program running data returned by the trusted streaming computing cluster; judging whether the first fixed credible value, the actual credible value corresponding to the first program running data and the pre-stored expected credible value of the current node are consistent, if so, determining that the current node is credible;
the trusted streaming computing cluster is configured to perform, for each of the OATs: executing the following steps for each program operation data sent by the current OAT: and calculating an actual credible value corresponding to the current program running data, and returning the actual credible value corresponding to the current program running data to the current OAT.
Further, the first program running data carries a node unique identifier of the current node;
and the trusted streaming computing cluster is further configured to control an actual trusted value corresponding to the first program running data to carry the node unique identifier of the current node.
Further, the trusted streaming computing cluster comprises: an RPC (Remote Procedure Call) interface, at least one distributed RPC server and at least one computing topology;
each OAT is specifically used for sending each program running data to the trusted streaming computing cluster by calling the RPC interface, and each sent program running data carries an OAT unique identifier of the OAT;
each distributed RPC server is used for distributing received program operation data to the computing topology specified by the distribution command according to the distribution command currently sent from the outside when receiving a program operation data sent from any OAT; when an actual trusted value is received, sending the received actual trusted value to a corresponding OAT according to an OAT unique identifier carried by program running data corresponding to the actual trusted value;
each computing topology is used for computing an actual credibility value corresponding to received program running data when receiving the program running data, and sending the computed actual credibility value to the distributed RPC server designated by the distribution command according to the external current distribution command.
Further, each of the computing topologies consists of an associated Spout and at least one Bolt;
each Spout is used for analyzing received program operation data and then sending the analyzed program operation data to a related Bolt when receiving the program operation data distributed by any one of the distributed RPC servers;
each Bolt is used for calculating an actual credible value corresponding to the received program running data when receiving analyzed program running data, and distributing the calculated actual credible value to the distributed RPC server appointed by the distribution command according to the external current distribution command.
Further, the system for determining that the node is trusted further comprises: a data consistency service module;
the trusted streaming computing cluster is a storm cluster;
the storm cluster further comprises: Nimbus, at least one Supervisor;
the data consistency service module is used for coordinating the Nimbus and the at least one Supervisor;
the Nimbus is used for allocating tasks to each Supervisor through resource allocation and task scheduling;
each of the supervisors is configured to control sending of the distribution command according to the task assigned by the Nimbus.
Further, the data consistency service module comprises: zookeeper.
Further, each TPM security chip comprises: a PCR (Platform Configuration Register) for storing the fixed trusted value;
each node is used for starting a program based on a starting principle of measuring first and then executing, and placing program running data of a program starting process in a measurement log file in a log mode, wherein the measurement log file is located outside the equipped TPM security chip.
Further, the system for determining that the node is trusted further comprises: a third party certification authority;
an AIK certificate and an original trusted value are recorded in each TPM security chip;
each node is further used for encrypting the original trusted value recorded in the internal TPM security chip by using a private key of the AIK certificate recorded in the internal TPM security chip, and recording an obtained ciphertext as a fixed trusted value;
the OAT connected with the current node is further configured to collect a first AIK certificate recorded in a TPM security chip of the current node, and send the first fixed trusted value and the first AIK certificate to the trusted streaming computing cluster;
the trusted streaming computing cluster is further configured to send the first AIK certificate to the third-party certification authority; decrypting the first fixed trusted value using the public key of the first AIK certificate returned by the third party certification authority;
and the third-party certification authority is used for sending a preset public key of the first AIK certificate to the trusted streaming computing cluster when the preset valid certificate list is judged to include the first AIK certificate.
Further, the third-party certification authority is further configured to perform, for each AIK certificate in the list of valid certificates: and when the current AIK certificate is monitored to be invalid, removing the current AIK certificate from the valid certificate list.
In another aspect, the present invention provides a method for determining trust of a node, which is performed based on any one of the above systems for determining trust of a node, and is characterized in that the method includes:
each OAT performs, for each connected node: collecting a fixed credible value recorded in a TPM security chip equipped in a current node; collecting first program operation data of the current node; sending the first program running data to a trusted streaming computing cluster;
the trusted streaming computing cluster performs, for each of the OATs: executing the following steps for each program operation data sent by the current OAT: calculating an actual credible value corresponding to current program running data, and returning the actual credible value corresponding to the current program running data to the current OAT;
receiving an actual trusted value corresponding to the first program running data returned by the trusted streaming computing cluster by the OAT connected with the current node;
and judging whether the fixed credible value, the actual credible value corresponding to the first program running data and the pre-stored expected credible value of the current node are consistent or not by the OAT connected with the current node, and if so, determining that the current node is credible.
The invention provides a system and a method for determining the credibility of nodes. The system comprises a trusted streaming computing cluster, at least one OAT, and at least one node connected to each OAT, each node being provided with a TPM security chip. For each connected node, the OAT collects the fixed trusted value recorded in the node's TPM security chip together with the node's program running data; sends the program running data to the trusted streaming computing cluster and receives the actual trusted value that the cluster computes from that data and returns; and, when the fixed trusted value, the actual trusted value and the pre-stored expected trusted value of the same node are judged to be consistent, determines that the node is trusted. The OAT itself does not perform trusted computing; a dedicated computing cluster performs it instead in a streaming computing mode, and the OAT determines whether a node is trusted only by performing simple value receiving, sending and comparison operations, so the method reduces the device resources occupied by trusted computing.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a schematic diagram of a system for determining trustworthiness of a node according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of another system for determining trustworthiness of a node provided by an embodiment of the invention;
fig. 3 is a flowchart of a method for determining node trust according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete, the technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention, and based on the embodiments of the present invention, all other embodiments obtained by a person of ordinary skill in the art without creative efforts belong to the scope of the present invention.
As shown in fig. 1, an embodiment of the present invention provides a system for determining that a node is trusted, which may include:
a trusted streaming computing cluster 101, at least one OAT 102, and at least one node 103 to which each OAT 102 is connected;
any one of the nodes 103 is equipped with a TPM security chip 1031;
each of the OATs 102 is configured to perform, for each of the connected nodes 103: collecting a first fixed credible value recorded in a TPM security chip of a current node; collecting first program operation data of the current node; sending the first program running data to the trusted streaming computing cluster 101, and receiving an actual trusted value corresponding to the first program running data returned by the trusted streaming computing cluster 101; judging whether the first fixed credible value, the actual credible value corresponding to the first program running data and the pre-stored expected credible value of the current node are consistent, if so, determining that the current node is credible;
the trusted streaming computing cluster 101 is configured to execute, for each OAT 102: executing the following steps for each program operation data sent by the current OAT: and calculating an actual credible value corresponding to the current program running data, and returning the actual credible value corresponding to the current program running data to the current OAT.
The embodiment of the invention provides a system for determining node credibility, which comprises a trusted streaming computing cluster, at least one OAT, and at least one node connected to each OAT, each node being provided with a TPM security chip. For each connected node, the OAT collects the fixed trusted value recorded in the node's TPM security chip together with the node's program running data; sends the program running data to the trusted streaming computing cluster and receives the actual trusted value that the cluster computes from that data and returns; and, when the fixed trusted value, the actual trusted value and the pre-stored expected trusted value of the same node are judged to be consistent, determines that the node is trusted. The OAT itself does not perform trusted computing; a dedicated computing cluster performs it instead in a streaming computing mode, and the OAT determines whether a node is trusted only by performing simple value transceiving and comparison operations, so the embodiment of the invention reduces the device resources occupied by trusted computing.
In detail, trusted computing technology may rely on a coprocessor TPM embedded on the platform. The TPM may have at least the primary functions of symmetric encryption, asymmetric encryption, secure storage, integrity measurement, signature authentication, etc. As shown in fig. 1, to determine whether each node is trusted, a TPM security chip may be provided in each node.
In detail, a fixed trusted value may be recorded in the TPM security chip. This trusted value is generally accessible only to the TPM itself and is therefore not easily altered by a malicious party.
In addition, for each node the program running data is also a factor in measuring the node's trustworthiness, but there is a possibility that the program running data has been changed maliciously. Under normal conditions the trusted value calculated from the program running data is consistent with the recorded fixed trusted value; otherwise the node is not trusted.
As can be seen from fig. 1, there may be a plurality of OATs, and a plurality of nodes may be connected to each OAT. To reduce the processing load on each OAT, a unified trusted streaming computing cluster may perform the trusted computing and feed the result back to the corresponding OAT.
Based on the above, in addition to comparing the fixed trusted value and the actual trusted value, the OAT may also hold a pre-stored expected trusted value of the node. Normally all three trusted values should be consistent; otherwise the corresponding node can be considered untrusted. In the embodiment of the invention, the OAT completes the node credibility verification only by comparing the three trusted values and performing the related data transceiving operations. This process occupies few device resources, so the OAT can cope with a large number of nodes to be verified while maintaining high device performance.
In an embodiment of the present invention, the first program operation data carries a node unique identifier of the current node;
the trusted streaming computing cluster 101 is further configured to control an actual trusted value corresponding to the first program running data to carry the node unique identifier of the current node.
In detail, each program running data may carry a node unique identifier of a corresponding node, so that when any actual trusted value is calculated by the trusted streaming computing cluster, the trusted streaming computing cluster can be enabled to carry the corresponding node unique identifier, and thus when each actual trusted value is fed back to the corresponding OAT by the trusted streaming computing cluster, the OAT can simply and quickly determine which node is the target of each actual trusted value.
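The OAT-side three-value check and the node identifier carried by the cluster's reply, as an added Go example that is not code from the patent. It assumes the program running data is the measurement log described later in the detailed description, that the actual trusted value is obtained by replaying that log with PCR extend semantics (SHA-256 over the old PCR value concatenated with each measurement), and that the fixed value is read from the PCR in the clear; the log format, digests and node identifiers are constructed.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// MeasurementEntry is one measurement log record: a program's digest, taken before it ran.
type MeasurementEntry struct {
	Program string
	Digest  []byte
}

// SampleLog is a constructed measurement log in a hypothetical
// "<sha256 hex> <program>" line format, not a real TCG or IMA log.
const SampleLog = `
# digest                                                            program
c2a9f0c3a5b4e6d7f8091a2b3c4d5e6f708192a3b4c5d6e7f8091a2b3c4d5e6f  /sbin/init
0f1e2d3c4b5a69788796a5b4c3d2e1f00f1e2d3c4b5a69788796a5b4c3d2e1f0  /usr/bin/agentd
`

// TamperedLog is SampleLog with the second digest altered, as if that program
// had been replaced after enrollment (constructed).
var TamperedLog = strings.Replace(SampleLog, "0f1e2d3c4b5a", "ffffffffffff", 1)

// ParseMeasurementLog parses the log; blank lines and '#' comments are skipped.
func ParseMeasurementLog(text string) ([]MeasurementEntry, error) {
	var entries []MeasurementEntry
	for n, line := range strings.Split(text, "\n") {
		line = strings.TrimSpace(line)
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		fields := strings.Fields(line)
		if len(fields) != 2 {
			return nil, fmt.Errorf("line %d: expected '<digest> <program>'", n+1)
		}
		d, err := hex.DecodeString(fields[0])
		if err != nil || len(d) != sha256.Size {
			return nil, fmt.Errorf("line %d: bad sha256 digest", n+1)
		}
		entries = append(entries, MeasurementEntry{Program: fields[1], Digest: d})
	}
	return entries, nil
}

// ReplayPCR recomputes what a PCR holds after every entry was extended into it
// in order: PCR' = SHA256(PCR || digest), starting from an all-zero PCR.
func ReplayPCR(entries []MeasurementEntry) []byte {
	pcr := make([]byte, sha256.Size)
	for _, e := range entries {
		sum := sha256.Sum256(append(pcr, e.Digest...))
		pcr = sum[:]
	}
	return pcr
}

// TrustReport is the cluster's reply; its node identifier tells the OAT which node it is for.
type TrustReport struct {
	NodeID      string
	ActualValue string // hex-encoded replayed PCR value
}

// ComputeActualValue is the cluster-side (Bolt) step: actual trusted value from program running data.
func ComputeActualValue(nodeID, logText string) (TrustReport, error) {
	entries, err := ParseMeasurementLog(logText)
	if err != nil {
		return TrustReport{}, err
	}
	return TrustReport{NodeID: nodeID, ActualValue: hex.EncodeToString(ReplayPCR(entries))}, nil
}

// OATVerdict is the OAT-side step: trusted only when the fixed value read from
// the PCR, the cluster's actual value and the pre-stored expected value agree.
// A reply carrying another node's identifier is never accepted.
func OATVerdict(nodeID, fixedValue string, report TrustReport, expected map[string]string) (bool, string) {
	if report.NodeID != nodeID {
		return false, "reply carries a different node identifier"
	}
	want, ok := expected[nodeID]
	if !ok {
		return false, "no expected trusted value pre-stored for this node"
	}
	if fixedValue != want {
		return false, "fixed trusted value in PCR differs from expected value"
	}
	if report.ActualValue != want {
		return false, "actual trusted value differs from expected value"
	}
	return true, "fixed, actual and expected trusted values agree"
}

func main() {
	good, _ := ComputeActualValue("node-7", SampleLog)
	expected := map[string]string{"node-7": good.ActualValue} // recorded once at enrollment
	fmt.Println(OATVerdict("node-7", good.ActualValue, good, expected))
	later, _ := ComputeActualValue("node-7", TamperedLog)
	fmt.Println(OATVerdict("node-7", good.ActualValue, later, expected))
}
```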
In an embodiment of the present invention, referring to fig. 2, the trusted streaming computing cluster 101 includes: an RPC interface 1011, at least one distributed RPC server 1012, at least one compute topology 1013;
each OAT 102 is specifically configured to send each program running data to the trusted streaming computing cluster 101 by calling the RPC interface 1011, where each sent program running data carries its own unique OAT identifier;
each of the distributed RPC servers 1012 is configured to, when receiving a program running data sent by any one of the OATs 102, distribute the received program running data to the computing topology 1013 specified by the distribution command according to the distribution command currently sent from the outside; when an actual trusted value is received, the received actual trusted value is sent to the corresponding OAT 102 according to the OAT unique identifier carried by the program running data corresponding to the actual trusted value;
each of the computing topologies 1013 is configured to, when receiving a program running data, compute an actual trusted value corresponding to the received program running data, and according to an external current distribution command, distribute the computed actual trusted value to the distributed RPC server 1012 specified by the distribution command.
In detail, the distributed RPC server may be responsible for providing a distributed RPC call service.
In detail, the trusted streaming computing cluster may be provided with a unified RPC interface, and each OAT may make a trusted computing request by calling the RPC interface, so as to send each program running data for trusted computing to the trusted streaming computing cluster.
In detail, the trusted streaming computing cluster may include a distributed RPC server cluster and a computing topology cluster, and program operation data sent by the external OAT may be sent to a computing topology through any distributed RPC server, so as to complete trusted computing in the computing topology.
In one embodiment of the present invention, the distributed RPC server that performs the program running data transceiving operation may be any available server, for example one that is currently idle. Thus, when a server is externally determined to be available, a distribution command can be sent to it so that it receives the program running data arriving from the RPC interface and distributes that data to the specified computing topology. The specified computing topology may likewise be any computing topology externally determined to be available to perform the trusted computing.
Correspondingly, after the computation topology completes the trusted computation, the trusted computation result needs to be fed back to the corresponding OAT, so that the trusted computation result is fed back to the corresponding OAT through any available distributed RPC server and RPC interface based on an external distribution command.
In the embodiment of the invention, the trusted calculation result, that is, the calculated actual trusted value, may carry the unique identifier of the corresponding OAT, so that any distributed RPC server may feed back each actual trusted value to the corresponding OAT based on the unique identifier of the OAT.
In one embodiment of the present invention, referring to fig. 2, each of the computing topologies 1013 is composed of an associated Spout 10131 and at least one Bolt 10132;
each Spout 10131 is configured to, when receiving a program running data distributed by any one of the distributed RPC servers 1012, parse the received program running data and send the parsed program running data to an associated Bolt 10132;
each Bolt 10132 is configured to, when receiving a parsed program running data, calculate an actual trusted value corresponding to the received program running data, and according to an external current distribution command, distribute the calculated actual trusted value to the distributed RPC server 1012 specified by the distribution command.
In detail, the computing topology may be composed of two types of components, Spout responsible for data parsing and sending and Bolt responsible for computing the trusted value.
In detail, the computing topology can be built from different Spouts and Bolts, forming a topological graph whose connections are data streams. A Spout is a data source that produces the data for the computing topology, generally reading data from an external source and emitting it without interruption; a Bolt is a message handler that processes data in a single stage.
The distributed RPC Spout component in the computing topology receives the computation data forwarded by a distributed RPC server, parses it and sends it on; the receivers are the Bolts that implement the logic of computing the trusted value. After a Bolt has calculated a trusted value, the result can be returned through any available distributed RPC server to the OAT that requested the computation.
Referring to fig. 2, the path shown by the arrow in fig. 2 may be a corresponding data processing path when OAT-2 requests trusted computing from the trusted streaming computing cluster.
In an embodiment of the present invention, referring to fig. 2, the system for determining that a node is trusted further includes: a data consistency service module 201;
the trusted streaming computing cluster 101 is a storm cluster;
the storm cluster further comprises: a Nimbus 1014 and at least one Supervisor 1015;
the data consistency service module 201 is configured to coordinate the Nimbus 1014 and the at least one Supervisor 1015;
the Nimbus 1014 is configured to allocate a task to each Supervisor 1015 through resource allocation and task scheduling;
each of the Supervisors 1015 is configured to control sending of the distribution command according to the task assigned by the Nimbus 1014.
In detail, Nimbus may be responsible for resource allocation and task scheduling.
In detail, the Supervisor serves as the asynchronous task manager of the streaming computation; it receives the tasks distributed by Nimbus and starts and stops the Worker processes it manages.
In detail, a Worker is a process that runs the logic of specific processing elements; it runs only two kinds of task, Spout tasks and Bolt tasks.
In the embodiment of the invention, one computing topology can comprise one or more Workers, and each Worker process belongs to exactly one computing topology. Worker processes can run in parallel on different servers in the cluster, so a computing topology is in fact made up of processes running in parallel on multiple servers of the streaming computing cluster. An Executor (thread) is a thread spawned by a Worker process; each Worker process runs one or more Executor threads of the topology, and one Executor thread can execute one or more Tasks, all of which belong to the same component (a Spout or a Bolt). The Task is the smallest unit that actually performs data processing, and each Task is a Spout or a Bolt. For these reasons, compared with conventional point-to-point trusted computing of each machine node, the streaming computing of the embodiment of the present invention offers better parallelism.
In detail, the data consistency service may be responsible for coordinating Nimbus and the Supervisors and for storing metadata.
In an embodiment of the present invention, the data consistency service module 201 includes: zookeeper.
In an embodiment of the present invention, each of the TPM security chips 1031 includes: a PCR for storing the fixed trusted value;
each of the nodes 103 is configured to start programs under the "measure first, then execute" start-up principle, and to place the program running data of the program start-up process, in the form of a log, in a measurement log file located outside the equipped TPM security chip 1031.
In detail, the fixed trusted value recorded by the TPM may be stored in its internal PCRs.
In an embodiment of the present invention, referring to fig. 2, the system for determining that a node is trusted further includes: a third party certification authority 202;
each TPM security chip 1031 records an AIK certificate and an original trusted value;
each node 103 is further configured to encrypt an original trusted value recorded in the internal TPM security chip 1031 by using a private key of the AIK certificate recorded in the internal TPM security chip 1031, and record an obtained ciphertext as a fixed trusted value;
the OAT102 connected to the current node is further configured to collect a first AIK certificate recorded in a TPM security chip of the current node, and send the first fixed trusted value and the first AIK certificate to the trusted streaming computing cluster 101;
the trusted streaming computing cluster 101 is further configured to send the first AIK certificate to the third-party certification authority 202; decrypting the first fixed trusted value using the public key of the first AIK certificate returned by the third party certification authority 202;
the third-party certification authority 202 is configured to send a preset public key of the first AIK certificate to the trusted streaming computing cluster 101 when it is determined that the preset valid certificate list includes the first AIK certificate.
In detail, the collected fixed trusted value may be in a form of a ciphertext, and only when the AIK certificate of the node is valid, the ciphertext may be decrypted by using the certificate public key to obtain a plaintext.
In an embodiment of the present invention, the third-party certification authority 202 is further configured to perform, for each AIK certificate in the valid certificate list: when the current AIK certificate is found to have become invalid, removing the current AIK certificate from the valid certificate list.
In detail, the third-party certification authority may update the valid certificate list in real time to ensure the accuracy of the validity of the certificate.
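The certificate flow just described, as an added example that is not part of the patent or the applicant's code: the node "encrypts" its original trusted value with the AIK private key, the cluster asks the third-party certification authority for the matching public key, and the authority answers only while that certificate is still on its valid list. The RSA keys are textbook toy keys with tiny moduli, the certificate identifiers and the trusted value are constructed, and the class and function names are hypothetical.

```python
import hashlib

# Added example (not the patent's code): the AIK certificate flow of the
# patent in miniature. Toy RSA with tiny moduli, constructed values only.


def make_toy_key(p: int, q: int, e: int = 17) -> dict:
    """Textbook RSA from two small primes (no padding; illustration only)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))     # modular inverse, Python >= 3.8
    return {"n": n, "e": e, "d": d}


def encrypt_with_private_key(value: bytes, key: dict) -> list:
    """Node side: one RSA operation per byte; every byte is < n so it round-trips."""
    return [pow(b, key["d"], key["n"]) for b in value]


def decrypt_with_public_key(ciphertext: list, n: int, e: int) -> bytes:
    """Cluster side. A wrong key yields values outside the byte range; they
    are folded with % 256 so the result still compares as a mismatch."""
    return bytes(pow(c, e, n) % 256 for c in ciphertext)


class CertificationAuthority:
    """Third-party authority holding the valid certificate list."""

    def __init__(self):
        self.valid_list = {}          # cert_id -> (n, e)

    def issue(self, cert_id: str, key: dict) -> None:
        self.valid_list[cert_id] = (key["n"], key["e"])

    def revoke(self, cert_id: str) -> None:
        # certificate found to be invalid: removed from the valid list
        self.valid_list.pop(cert_id, None)

    def public_key_for(self, cert_id: str):
        return self.valid_list.get(cert_id)   # None when not on the list


def cluster_recover_original_value(ca, cert_id, fixed_trusted_value):
    """Returns the decrypted original trusted value, or None when the
    authority does not vouch for the presented certificate."""
    pub = ca.public_key_for(cert_id)
    if pub is None:
        return None
    return decrypt_with_public_key(fixed_trusted_value, *pub)


def run_certificate_demo() -> dict:
    ca = CertificationAuthority()
    key_a = make_toy_key(61, 53)          # n = 3233
    key_b = make_toy_key(71, 67, e=13)    # n = 4757
    ca.issue("AIK-node-a", key_a)
    ca.issue("AIK-node-b", key_b)

    # constructed 32-byte "original trusted value" (a PCR digest)
    original = hashlib.sha256(b"constructed PCR contents").digest()
    fixed_a = encrypt_with_private_key(original, key_a)
    results = {}

    # 1. Valid certificate: the cluster gets the public key and recovers the value.
    results["valid"] = cluster_recover_original_value(ca, "AIK-node-a", fixed_a) == original

    # 2. Ciphertext made with node-b's key but presented under node-a's
    #    certificate id: decryption runs but cannot reproduce the value.
    fixed_b = encrypt_with_private_key(original, key_b)
    results["wrong_key"] = cluster_recover_original_value(ca, "AIK-node-a", fixed_b) == original

    # 3. After revocation the authority refuses to hand out the public key at all.
    ca.revoke("AIK-node-a")
    results["revoked"] = cluster_recover_original_value(ca, "AIK-node-a", fixed_a)
    return results


if __name__ == "__main__":
    print(run_certificate_demo())
```

The point of the third case is that validity is enforced by the authority withholding the key, not by the cluster inspecting the ciphertext: once a certificate leaves the valid list, a previously collected fixed trusted value can no longer be turned into a plaintext for comparison.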
As shown in fig. 3, an embodiment of the present invention provides a method for determining trust of a node, which is executed based on any of the above systems for determining trust of a node, and specifically includes the following steps:
Step 301: each OAT performs, for each connected node: collecting the fixed trusted value recorded in the TPM security chip equipped in the current node; collecting the first program running data of the current node; and sending the first program running data to the trusted streaming computing cluster.
Step 302: the trusted streaming computing cluster performs, for each OAT: for each piece of program running data sent by the current OAT, computing the actual trusted value corresponding to the current program running data and returning that actual trusted value to the current OAT.
Step 303: the OAT connected to the current node receives the actual trusted value corresponding to the first program running data returned by the trusted streaming computing cluster.
Step 304: the OAT connected to the current node judges whether the fixed trusted value, the actual trusted value corresponding to the first program running data, and the pre-stored expected trusted value of the current node are consistent; if so, it determines that the current node is trusted, otherwise it determines that the current node is not trusted.
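Steps 301 to 304, together with the measure-first-then-execute boot and the measurement log kept outside the TPM described in the system embodiment, as an added example that is not part of the patent or the applicant's code. It models one PCR per node, a log replay on the cluster side to obtain the actual trusted value, and the OAT's three-way comparison; the program images, names and digests are constructed, and the function and class names are hypothetical. The example goes slightly beyond the text by showing why both the PCR and the expected value are needed: a modified program is caught by the expected value, and a rewritten log is caught by the PCR.

```python
import hashlib
import json

# Added example (not the patent's code): toy model of the node-side
# "measure first, then execute" boot, the OAT collection step, the
# cluster-side computation of the actual trusted value, and the OAT's
# three-way comparison. All images, names and digests are constructed.

PCR_INIT = b"\x00" * 32   # a PCR holds all zeros after reset


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend operation: PCR_new = SHA-256(PCR_old || digest)."""
    return hashlib.sha256(pcr + digest).digest()


class Node:
    """Node with one PCR (inside the 'TPM') and a measurement log (outside it)."""

    def __init__(self, name: str):
        self.name = name
        self.pcr = PCR_INIT          # the fixed trusted value lives here
        self.measurement_log = []    # program running data, an ordinary file

    def measure_then_execute(self, program: str, image: bytes) -> None:
        digest = hashlib.sha256(image).digest()
        self.pcr = pcr_extend(self.pcr, digest)                  # measure first
        self.measurement_log.append({"program": program,
                                     "sha256": digest.hex()})   # then log
        # ... the program would be executed here


def oat_collect(node: Node):
    """OAT side: read the fixed trusted value and the program running data."""
    return node.pcr.hex(), json.dumps(node.measurement_log)


def cluster_actual_trusted_value(program_running_data: str) -> str:
    """Cluster side (a Bolt in the patent): replay the log to rebuild the PCR."""
    pcr = PCR_INIT
    for entry in json.loads(program_running_data):
        pcr = pcr_extend(pcr, bytes.fromhex(entry["sha256"]))
    return pcr.hex()


def expected_trusted_value(golden_images) -> str:
    """Pre-stored expected value, derived offline from known-good images."""
    pcr = PCR_INIT
    for image in golden_images:
        pcr = pcr_extend(pcr, hashlib.sha256(image).digest())
    return pcr.hex()


def oat_decide(fixed: str, actual: str, expected: str) -> bool:
    """Step 304: the node is trusted only if all three values agree."""
    return fixed == actual == expected


# Constructed golden boot chain used by both the operator and the clean node.
GOLDEN = [("bootloader", b"bootloader-v1"),
          ("kernel", b"kernel-v1"),
          ("agent", b"attestation-agent-v1")]


def run_attestation_demo() -> dict:
    expected = expected_trusted_value(img for _, img in GOLDEN)
    results = {}

    # 1. Clean node: PCR, replayed log and expected value all agree.
    node = Node("node-a")
    for name, img in GOLDEN:
        node.measure_then_execute(name, img)
    fixed, data = oat_collect(node)
    results["clean"] = oat_decide(fixed, cluster_actual_trusted_value(data), expected)

    # 2. Modified kernel, honest log: the replay matches the PCR but not the
    #    expected value, so the pre-stored expected value is what catches it.
    node = Node("node-b")
    node.measure_then_execute("bootloader", GOLDEN[0][1])
    node.measure_then_execute("kernel", b"kernel-v1-modified")
    node.measure_then_execute("agent", GOLDEN[2][1])
    fixed, data = oat_collect(node)
    results["modified_program"] = oat_decide(fixed, cluster_actual_trusted_value(data), expected)

    # 3. Same node, but the log (which sits outside the TPM) is rewritten to
    #    show the golden kernel digest: the replay now equals the expected
    #    value, yet the PCR inside the TPM still disagrees, so the node stays untrusted.
    node.measurement_log[1]["sha256"] = hashlib.sha256(GOLDEN[1][1]).hexdigest()
    fixed, data = oat_collect(node)
    results["forged_log"] = oat_decide(fixed, cluster_actual_trusted_value(data), expected)
    return results


if __name__ == "__main__":
    print(run_attestation_demo())
```

The OAT never hashes anything itself; it only forwards the log and compares three hex strings, which is the resource saving the patent claims, while the cluster does the replay. The comparison is order-sensitive by construction, since each extend chains on the previous PCR value, so a log with the right digests in the wrong order also fails.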
The information interaction, execution process and other contents between the unit modules in the method are based on the same concept as the system embodiment of the present invention, and specific contents can be referred to the description in the system embodiment of the present invention, and are not described herein again.
In summary, the embodiments of the present invention have at least the following advantages:
1. In the embodiment of the invention, the system for determining node trust comprises a trusted streaming computing cluster, at least one OAT, and at least one node connected to each OAT, where each node is equipped with a TPM security chip. For each connected node, the OAT collects the fixed trusted value recorded in the node's TPM security chip and the node's program running data; it sends the program running data to the trusted streaming computing cluster and receives the actual trusted value that the cluster computes and returns for that data; and when the fixed trusted value, the actual trusted value and the pre-stored expected trusted value of the same node are judged to be consistent, it determines that the node is trusted. The OAT itself performs no trusted computing; a dedicated cluster performs it in a streaming computing mode instead, and the OAT determines whether a node is trusted by simple value transmission, reception and comparison only, so the embodiment of the invention reduces the equipment resources occupied by trusted computing.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, the statement "comprises an" does not exclude the presence of other similar elements in the process, method, article, or apparatus that comprises the element.
Those of ordinary skill in the art will understand that: all or part of the steps for realizing the method embodiments can be completed by hardware related to program instructions, the program can be stored in a computer readable storage medium, and the program executes the steps comprising the method embodiments when executed; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it is to be noted that: the above description is only a preferred embodiment of the present invention, and is only used to illustrate the technical solutions of the present invention, and not to limit the protection scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (10)

1. A system for analyzing a trust value of a node, comprising:
a trusted streaming computing cluster, at least one OAT (Open Attestation), and at least one node connected to each OAT;
any node is provided with a Trusted Platform Module (TPM) security chip;
each of the OATs is configured to perform, for each of the connected nodes: collecting a first fixed credible value recorded in a TPM security chip of a current node; collecting first program operation data of the current node; and sending the first program running data to the trusted streaming computing cluster, and receiving an actual trusted value corresponding to the first program running data returned by the trusted streaming computing cluster.
2. The system for analyzing a trust value of a node according to claim 1,
the OAT judges, for each connected node, whether the first fixed trusted value, the actual trusted value corresponding to the first program running data and the pre-stored expected trusted value of the current node are consistent, and if so determines that the current node is trusted.
3. The system for analyzing a trust value of a node according to claim 1,
the trusted streaming computing cluster is configured to perform, for each of the OATs: for each piece of program running data sent by the current OAT, calculating an actual trusted value corresponding to the current program running data and returning the actual trusted value corresponding to the current program running data to the current OAT.
4. The system for analyzing the trusted value of the node according to claim 3, wherein the first program operation data carries a node unique identifier of the current node;
and the trusted streaming computing cluster is further configured to control an actual trusted value corresponding to the first program running data to carry the node unique identifier of the current node.
5. The system of claim 4, wherein the trusted streaming computing cluster comprises: a remote procedure call (RPC) interface, at least one distributed RPC server and at least one computing topology;
each OAT is specifically used for sending each program running data to the trusted streaming computing cluster by calling the RPC interface, and each sent program running data carries an OAT unique identifier of the OAT;
each distributed RPC server is used for distributing received program operation data to the computing topology specified by the distribution command according to the distribution command currently sent from the outside when receiving a program operation data sent from any OAT; when an actual trusted value is received, sending the received actual trusted value to a corresponding OAT according to an OAT unique identifier carried by program running data corresponding to the actual trusted value;
each computing topology is used for computing an actual credibility value corresponding to received program running data when receiving the program running data, and sending the computed actual credibility value to the distributed RPC server designated by the distribution command according to the external current distribution command.
6. The system for trusted value analysis of nodes of claim 5, wherein each of said computing topologies consists of an associated Spout and at least one Bolt;
each Spout is used for analyzing received program operation data and then sending the analyzed program operation data to a related Bolt when receiving the program operation data distributed by any one of the distributed RPC servers;
each Bolt is used for calculating an actual credible value corresponding to the received program running data when receiving analyzed program running data, and distributing the calculated actual credible value to the distributed RPC server appointed by the distribution command according to the external current distribution command.
7. The system for analyzing a trust value of a node according to claim 1, further comprising: a data consistency service module;
the trusted streaming computing cluster is a storm cluster;
the storm cluster further comprises: Nimbus and at least one Supervisor;
the data consistency service module is used for coordinating the Nimbus and the at least one Supervisor;
the Nimbus is used for allocating tasks to each Supervisor through resource allocation and task scheduling;
each of the supervisors is configured to control sending of the distribution command according to the task assigned by the Nimbus.
8. The system for analyzing a trust value of a node according to claim 7,
each TPM security chip comprises: a platform configuration register PCR for storing a fixed trusted value;
each node is used for starting a program based on a starting principle of measuring first and then executing, and placing program running data of a program starting process in a measurement log file in a log mode, wherein the measurement log file is located outside the equipped TPM security chip.
9. A method of trusted value analysis of a node, comprising:
each OAT performs, for each connected node: collecting a fixed trusted value recorded in a trusted platform module (TPM) security chip equipped in a current node; collecting first program running data of the current node; and sending the first program running data to a trusted streaming computing cluster;
the trusted streaming computing cluster performs, for each of the OATs: for each piece of program running data sent by the current OAT, calculating an actual trusted value corresponding to the current program running data and returning the actual trusted value corresponding to the current program running data to the current OAT.
10. The method of trusted value analysis of a node of claim 9, further comprising:
receiving an actual trusted value corresponding to the first program running data returned by the trusted streaming computing cluster by the OAT connected with the current node;
judging, by the OAT connected to the current node, whether the fixed trusted value, the actual trusted value corresponding to the first program running data and the pre-stored expected trusted value of the current node are consistent, and if so, determining that the current node is trusted.
CN202110911706.3A 2018-06-06 2018-06-06 System and method for analyzing credibility value of node Active CN113645230B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110911706.3A CN113645230B (en) 2018-06-06 2018-06-06 System and method for analyzing credibility value of node

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110911706.3A CN113645230B (en) 2018-06-06 2018-06-06 System and method for analyzing credibility value of node
CN201810575105.8A CN108833522B (en) 2018-06-06 2018-06-06 System and method for determining credibility of node

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201810575105.8A Division CN108833522B (en) 2018-06-06 2018-06-06 System and method for determining credibility of node

Publications (2)

Publication Number Publication Date
CN113645230A true CN113645230A (en) 2021-11-12
CN113645230B CN113645230B (en) 2023-04-28

Family

ID=64144065

Family Applications (3)

Application Number Title Priority Date Filing Date
CN201810575105.8A Active CN108833522B (en) 2018-06-06 2018-06-06 System and method for determining credibility of node
CN202110911430.9A Active CN113645229B (en) 2018-06-06 2018-06-06 Authentication system and method based on credible confirmation
CN202110911706.3A Active CN113645230B (en) 2018-06-06 2018-06-06 System and method for analyzing credibility value of node

Family Applications Before (2)

Application Number Title Priority Date Filing Date
CN201810575105.8A Active CN108833522B (en) 2018-06-06 2018-06-06 System and method for determining credibility of node
CN202110911430.9A Active CN113645229B (en) 2018-06-06 2018-06-06 Authentication system and method based on credible confirmation

Country Status (1)

Country Link
CN (3) CN108833522B (en)

Also Published As

Publication number Publication date
CN113645229B (en) 2023-04-07
CN108833522A (en) 2018-11-16
CN113645229A (en) 2021-11-12
CN113645230B (en) 2023-04-28
CN108833522B (en) 2021-06-22

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant