CN113645230B - System and method for analyzing credibility value of node - Google Patents


Info

Publication number
CN113645230B
Authority
CN
China
Prior art keywords
trusted
node
operation data
program operation
oat
Prior art date
Legal status
Active
Application number
CN202110911706.3A
Other languages
Chinese (zh)
Other versions
CN113645230A (en)
Inventor
阮安邦
魏明
Current Assignee
Beijing Octa Innovations Information Technology Co Ltd
Original Assignee
Beijing Octa Innovations Information Technology Co Ltd
Priority date
Filing date
Publication date

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877 Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00 Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20 Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Debugging And Monitoring (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a system and a method for analyzing the trusted value of a node. The system comprises a trusted streaming computing cluster, at least one OAT, and at least one node connected to each OAT, each node being equipped with a TPM security chip. For each connected node, the OAT collects the fixed trusted value recorded in the node's TPM security chip together with the node's program operation data, sends the program operation data to the trusted streaming computing cluster, and receives the actual trusted value that the cluster computes from that data and returns.

Description

System and method for analyzing credibility value of node
This application is a divisional application of Chinese invention application No. 201810575105.8, filed on 6 June 2018, entitled "System and method for determining node trustworthiness".
Technical Field
The present invention relates to the field of trusted computing, and in particular, to a system and a method for analyzing a trusted value of a node.
Background
Trusted computing is a security technology that addresses problems at the level of the computer architecture. By establishing a specific integrity measurement mechanism, it gives the computing platform the ability to distinguish, at run time, whether program code is trusted, and thereby allows effective prevention and remediation measures to be established against untrusted program code.
At present, an OAT (Open Attestation) may collect the program operation data of each node connected to it, perform trusted computing on that data, and determine from the result whether each node is trusted.
However, when the number of connected nodes is large, this trusted computing requires considerable device resources.
Chinese patent publication No. CN105760271A discloses a method for monitoring the trusted state of computing nodes in a cluster mode, which involves trusted computing nodes, computing node agents and a cluster trusted management program. Compared with the earlier prior art, this method can reflect the integrity of each key component and each file in real time; once a key component or file is tampered with, the tampered host and the attack point can be reported promptly, and the data center administrator can repair the tampered content according to the report.
When the number of connected nodes is large, the prior art still has to collect the program operation data of every connected node and perform trusted computing on it to determine whether each node is trusted, which occupies a large amount of device resources. A system and method are therefore needed that can determine whether a node is trusted by executing only simple operations; to this end the invention provides a system and a method for analyzing the trusted value of a node.
Disclosure of Invention
The invention provides a system and a method for determining node trustworthiness, which reduce the device resources that trusted computing has to occupy.
To achieve the above purpose, the invention is realized by the following technical scheme.
In one aspect, the present invention provides a system for determining the trustworthiness of a node, comprising:
a trusted streaming computing cluster, at least one OAT, and at least one node to which each said OAT is connected;
each of the nodes is equipped with a TPM (Trusted Platform Module) security chip;
each OAT is configured to perform, for each connected node: collect a first fixed trusted value recorded in the TPM security chip of the current node; collect first program operation data of the current node; transmit the first program operation data to the trusted streaming computing cluster, and receive the actual trusted value corresponding to the first program operation data returned by the trusted streaming computing cluster; judge whether the first fixed trusted value, the actual trusted value corresponding to the first program operation data and the pre-stored expected trusted value of the current node are consistent, and if so, determine that the current node is trusted;
the trusted streaming computing cluster is configured to perform, for each OAT and for each item of program operation data sent by the current OAT: calculate the actual trusted value corresponding to the current program operation data, and return that actual trusted value to the current OAT.
Further, the first program operation data carries the node unique identifier of the current node;
the trusted streaming computing cluster is further configured to make the actual trusted value corresponding to the first program operation data carry the node unique identifier of the current node.
Further, the trusted streaming computing cluster comprises: an RPC (Remote Procedure Call) interface, at least one distributed RPC server, and at least one computing topology;
each OAT is specifically configured to send each item of program operation data to the trusted streaming computing cluster by calling the RPC interface, where each item of program operation data sent carries the OAT's own unique identifier;
each distributed RPC server is configured to: when it receives program operation data sent by any OAT, distribute the received program operation data, according to the distribution command currently sent from outside, to the computing topology specified by that distribution command; and when it receives an actual trusted value, send the received actual trusted value to the corresponding OAT according to the OAT unique identifier carried by the program operation data to which that actual trusted value corresponds;
each computing topology is configured to: when it receives program operation data, calculate the actual trusted value corresponding to the received program operation data, and distribute the calculated actual trusted value to the distributed RPC server specified by the current external distribution command.
Further, each of the computing topologies consists of an associated Spout and at least one Bolt;
each Spout is configured to: when it receives program operation data distributed by any one of the distributed RPC servers, parse the received program operation data and send the parsed program operation data to an associated Bolt;
each Bolt is configured to: when it receives parsed program operation data, calculate the actual trusted value corresponding to that program operation data, and distribute the calculated actual trusted value, according to the distribution command sent from outside, to the distributed RPC server specified by that distribution command.
Further, the system for determining that a node is trusted further comprises: a data consistency service module;
the trusted streaming computing cluster is a Storm cluster;
the Storm cluster further comprises: a Nimbus and at least one Supervisor;
the data consistency service module is configured to coordinate the Nimbus and the at least one Supervisor;
the Nimbus is configured to allocate tasks to each Supervisor through resource allocation and task scheduling;
and each Supervisor is configured to control the sending of the distribution command according to the tasks allocated by the Nimbus.
Further, the data consistency service module comprises: ZooKeeper.
Further, each of the TPM security chips comprises: a PCR (Platform Configuration Register) for storing the fixed trusted value;
each node is configured to start programs according to the start-up principle of measuring before executing, and to place the program operation data of the program start-up process in a measurement log file in the form of a log, the measurement log file being located outside the TPM security chip.
Further, the system for determining that a node is trusted further comprises: a third party certification authority;
each TPM security chip has an AIK certificate and an original trusted value recorded in it;
each node is further configured to encrypt the original trusted value recorded in its internal TPM security chip by using the private key of the AIK certificate recorded in that TPM security chip, and to record the resulting ciphertext as the fixed trusted value;
the OAT connected to the current node is further configured to collect a first AIK certificate recorded in the TPM security chip of the current node, and to send the first fixed trusted value and the first AIK certificate to the trusted streaming computing cluster;
the trusted streaming computing cluster is further configured to send the first AIK certificate to the third party certification authority, and to decrypt the first fixed trusted value using the public key of the first AIK certificate returned by the third party certification authority;
and the third party certification authority is configured to send the preset public key of the first AIK certificate to the trusted streaming computing cluster when it determines that the preset valid certificate list contains the first AIK certificate.
Further, the third party certification authority is further configured to perform, for each AIK certificate in the valid certificate list: when it detects that the current AIK certificate has become invalid, remove the current AIK certificate from the valid certificate list.
In another aspect, the present invention provides a method for determining that a node is trusted, which is performed on the basis of the above system for determining that a node is trusted and comprises:
each OAT performs, for each connected node: collecting the fixed trusted value recorded in the TPM security chip of the current node; collecting first program operation data of the current node; and transmitting the first program operation data to the trusted streaming computing cluster;
the trusted streaming computing cluster performs, for each OAT and for each item of program operation data sent by the current OAT: calculating the actual trusted value corresponding to the current program operation data, and returning that actual trusted value to the current OAT;
the OAT connected to the current node receives the actual trusted value corresponding to the first program operation data returned by the trusted streaming computing cluster;
and the OAT connected to the current node judges whether the fixed trusted value, the actual trusted value corresponding to the first program operation data and the pre-stored expected trusted value of the current node are consistent, and if so, determines that the current node is trusted.
The invention provides a system and a method for determining node trustworthiness. The system comprises a trusted streaming computing cluster, at least one OAT, and at least one node connected to each OAT, each node being equipped with a TPM security chip. For each connected node, the OAT collects the fixed trusted value recorded in the node's TPM security chip and the node's program operation data; sends the program operation data to the trusted streaming computing cluster and receives the actual trusted value that the cluster computes from that data and returns; and determines that the node is trusted when the fixed trusted value, the actual trusted value and the pre-stored expected trusted value of the same node are consistent. The OAT itself performs no trusted computing; that computation is executed instead by a dedicated computer group in streaming computing mode, and the OAT only has to perform simple value receiving, sending and comparison operations to determine whether a node is trusted. The invention can therefore reduce the device resources that trusted computing occupies.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a system for determining node trustworthiness according to one embodiment of the present invention;
FIG. 2 is a schematic diagram of another system for determining node trustworthiness according to one embodiment of the present invention;
FIG. 3 is a flowchart of a method for determining node trust according to an embodiment of the present invention.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments are described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some, not all, of the embodiments of the present invention; all other embodiments obtained by those skilled in the art from these embodiments without inventive effort fall within the scope of protection of the present invention.
As shown in FIG. 1, an embodiment of the present invention provides a system for determining the trustworthiness of a node, which may include:
a trusted streaming computing cluster 101, at least one OAT 102, and at least one node 103 to which each OAT 102 is connected;
each of the nodes 103 is equipped with a TPM security chip 1031;
each OAT 102 is configured to perform, for each connected node 103: collect a first fixed trusted value recorded in the TPM security chip of the current node; collect first program operation data of the current node; send the first program operation data to the trusted streaming computing cluster 101, and receive the actual trusted value corresponding to the first program operation data returned by the trusted streaming computing cluster 101; judge whether the first fixed trusted value, the actual trusted value corresponding to the first program operation data and the pre-stored expected trusted value of the current node are consistent, and if so, determine that the current node is trusted;
the trusted streaming computing cluster 101 is configured to perform, for each OAT 102 and for each item of program operation data sent by the current OAT: calculate the actual trusted value corresponding to the current program operation data, and return that actual trusted value to the current OAT.
The embodiment of the invention thus provides a system for determining node trust that comprises a trusted streaming computing cluster, at least one OAT and at least one node connected to each OAT, each node being provided with a TPM security chip. For each connected node, the OAT collects the fixed trusted value recorded in the node's TPM security chip and the node's program operation data; sends the program operation data to the trusted streaming computing cluster and receives the actual trusted value that the cluster computes from that data and returns; and determines that the node is trusted when the fixed trusted value, the actual trusted value and the pre-stored expected trusted value of the same node are consistent. The OAT itself performs no trusted computing; that computation is executed instead by a dedicated computer group in streaming computing mode, and the OAT only has to perform simple value transceiving and comparison operations to determine whether a node is trusted. The embodiment of the invention can therefore reduce the device resources that trusted computing occupies.
In detail, trusted computing technology may rely on a TPM co-processor embedded in the platform. The TPM provides at least the main functions of symmetric encryption, asymmetric encryption, secure storage, integrity measurement and signature authentication. As shown in FIG. 1, to determine whether each node is trusted, a TPM security chip may be provided in each node.
In detail, the TPM security chip may have a fixed trusted value recorded in it; this value is generally accessible only to the TPM itself, and is therefore not easily altered maliciously.
Furthermore, for each node, its program operation data may also be a factor in measuring its trustworthiness, but there is a possibility that the program operation data has been maliciously altered. Under normal conditions the trusted value calculated from the program operation data should be consistent with the recorded fixed trusted value; otherwise the node is not trusted.
As can be seen from FIG. 1, there may be a plurality of OATs, and a plurality of nodes may be connected to each OAT. To reduce the data processing pressure on the OATs, a unified trusted streaming computing cluster may perform the trusted computing and feed the computing result back to the corresponding OAT.
On this basis, in addition to comparing the fixed trusted value with the actual trusted value, the OAT may also hold a pre-stored expected trusted value for the node. Normally these three trusted values should all be consistent; otherwise the corresponding node may be considered untrusted. It can be seen that, in the embodiment of the present invention, the OAT only needs to execute the comparison of the three trusted values and the associated data transceiving operations to complete trust verification of the node. This process occupies few device resources, so the OAT can cope with a large number of nodes to be verified while maintaining high device performance.
In one embodiment of the present invention, the first program operation data carries the node unique identifier of the current node;
the trusted streaming computing cluster 101 is further configured to make the actual trusted value corresponding to the first program operation data carry the node unique identifier of the current node.
In detail, each item of program operation data can carry the node unique identifier of the corresponding node, so that any actual trusted value the trusted streaming computing cluster calculates can carry the corresponding node unique identifier; when each actual trusted value is fed back to the corresponding OAT, the OAT can then simply and quickly determine which node each actual trusted value belongs to.
In one embodiment of the present invention, referring to FIG. 2, the trusted streaming computing cluster 101 includes: an RPC interface 1011, at least one distributed RPC server 1012, and at least one computing topology 1013;
each OAT 102 is specifically configured to send each item of program operation data to the trusted streaming computing cluster 101 by calling the RPC interface 1011, where each item of program operation data sent carries the OAT's own unique identifier;
each of the distributed RPC servers 1012 is configured to: when it receives program operation data sent from any OAT 102, distribute the received program operation data to the computing topology 1013 specified by the distribution command currently sent from outside; and when it receives an actual trusted value, send the received actual trusted value to the corresponding OAT 102 according to the OAT unique identifier carried by the program operation data to which that actual trusted value corresponds;
each of the computing topologies 1013 is configured to: when it receives program operation data, calculate the actual trusted value corresponding to the received program operation data, and distribute the calculated actual trusted value, according to the current external distribution command, to the distributed RPC server 1012 specified by that command.
In detail, the distributed RPC servers may be responsible for providing the distributed RPC call service.
In detail, the trusted streaming computing cluster may expose a unified RPC interface, and each OAT may issue a trusted computing request by calling that RPC interface, thereby sending each item of program operation data to be trust-computed to the trusted streaming computing cluster.
In detail, the trusted streaming computing cluster may include a cluster of distributed RPC servers and a cluster of computing topologies; program operation data sent from an external OAT may be passed to a computing topology through any distributed RPC server, and the trusted computing is completed in that computing topology.
In one embodiment of the present invention, the distributed RPC server that performs the program operation data transceiving may be any available server, such as an idle one. In this manner, when a server is determined externally to be available, a distribution command may be sent to it to make it receive program operation data from the RPC interface and distribute that data to a specified computing topology. Likewise, the specified computing topology may be any computing topology that is determined externally to be available for executing trusted computing.
Correspondingly, after a computing topology completes the trusted computing, the result must be fed back to the corresponding OAT; the result is therefore likewise fed back to the corresponding OAT, on the basis of an external distribution command, through any available distributed RPC server and the RPC interface.
In the embodiment of the invention, the trusted computing result, that is, the calculated actual trusted value, may carry the OAT unique identifier, so that any distributed RPC server may feed each actual trusted value back to the corresponding OAT based on that identifier.
In one embodiment of the present invention, referring to FIG. 2, each of the computing topologies 1013 is composed of an associated Spout 10131 and at least one Bolt 10132;
each Spout 10131 is configured to: when it receives program operation data sent from any one of the distributed RPC servers 1012, parse the received program operation data and send the parsed program operation data to an associated Bolt 10132;
each Bolt 10132 is configured to: when it receives parsed program operation data, calculate the actual trusted value corresponding to that program operation data, and distribute the calculated actual trusted value, according to the distribution command sent from outside, to the distributed RPC server 1012 specified by that command.
In detail, the computing topology may be composed of two types of components: Spouts, which are responsible for parsing and forwarding data, and Bolts, which are responsible for computing trusted values.
In detail, a computing topology may be constructed from different Spouts and Bolts, which form a topology graph connected by data streams. A Spout is the data source that produces data for the computing topology, typically by continuously reading data from an external data source and emitting it; a Bolt is a message processor, and Bolts can process the data level by level.
The distributed RPC Spout component in the computing topology can receive the computing data forwarded by a distributed RPC server, parse it and send it on; the sending target may be each Bolt that logically implements the trusted value computation. After a Bolt calculates each trusted value, an available distributed RPC server may return the calculation result to the OAT that requested the computing service.
Referring to FIG. 2, the path indicated by the arrows in FIG. 2 may be the corresponding data processing path when OAT-2 requests trusted computing from the trusted streaming computing cluster.
In one embodiment of the present invention, referring to FIG. 2, the system for determining the trustworthiness of a node further includes: a data consistency service module 201;
the trusted streaming computing cluster 101 is a Storm cluster;
the Storm cluster further comprises: a Nimbus 1014 and at least one Supervisor 1015;
the data consistency service module 201 is configured to coordinate the Nimbus 1014 and the at least one Supervisor 1015;
the Nimbus 1014 is configured to allocate tasks to each of the Supervisors 1015 through resource allocation and task scheduling;
each Supervisor 1015 is configured to control the sending of the distribution command according to the tasks allocated by the Nimbus 1014.
In detail, the Nimbus may be responsible for resource allocation and task scheduling.
In detail, a Supervisor can act as an asynchronous task manager, responsible for receiving the tasks distributed by the Nimbus and for starting and stopping the Worker processes under its own management.
In detail, a Worker may be a process that runs the logic of a specific processing component, and only two types of tasks are run: Spout tasks and Bolt tasks.
In the embodiment of the invention, one computing topology may contain one or more Workers, while each Worker process belongs to exactly one specific computing topology. These Worker processes may run in parallel on different servers in the cluster, i.e. a computing topology is actually made up of processes running in parallel on multiple servers in the streaming computing cluster. In addition, an Executor is a thread spawned by a Worker process; each Worker process may run one or more Executor threads of the topology, and one Executor thread may execute one or more Tasks, all of which correspond to the same component, namely a Spout or a Bolt. A Task is the smallest unit that actually performs data processing, and each Task is a Spout or a Bolt. For these reasons, compared with the conventional approach in which each machine node performs trusted computing point to point, the streaming computing of the embodiment of the invention has better parallelism.
In detail, the data consistency service may be responsible for coordinating the Nimbus and the Supervisors and for storing metadata.
In one embodiment of the present invention, the data consistency service module 201 comprises ZooKeeper.
In one embodiment of the present invention, each of the TPM security chips 1031 comprises: a PCR for storing the fixed trusted value;
each of the nodes 103 is configured to start programs according to the start-up principle of measuring before executing, and to place the program operation data of the program start-up process in a measurement log file in the form of a log, the measurement log file being located outside the node's TPM security chip 1031.
In detail, the fixed trusted value recorded by the TPM may be stored in an internal PCR.
In one embodiment of the present invention, referring to fig. 2, the system for determining the trustworthiness of a node further includes: a third party certification authority 202;
each TPM security chip 1031 has an AIK certificate and an original trusted value recorded therein;
each node 103 is further configured to encrypt an original trusted value recorded in the internal TPM security chip 1031 by using a private key of an AIK certificate recorded in the internal TPM security chip 1031, and record the obtained ciphertext as a fixed trusted value;
the OAT 102 connected to the current node is further configured to collect a first AIK certificate recorded in the TPM security chip of the current node, and to send the first fixed trusted value and the first AIK certificate to the trusted streaming computing cluster 101;
the trusted streaming computing cluster 101 is further configured to send the first AIK certificate to the third party certificate authority 202; decrypting the first fixed trusted value using the public key of the first AIK certificate returned by the third party certificate authority 202;
the third party certification authority 202 is configured to send a public key of the preset first AIK certificate to the trusted streaming computing cluster 101 when it is determined that the preset valid certificate list includes the first AIK certificate.
In detail, the collected fixed trusted value is in the form of ciphertext; only if the AIK certificate of the node is valid can the ciphertext be decrypted with the public key of that certificate to obtain the plaintext.
In one embodiment of the present invention, the third party certificate authority 202 is further configured to perform, for each AIK certificate in the valid certificate list: when the current AIK certificate is found to be invalid, removing the current AIK certificate from the valid certificate list.
In detail, the third party certification authority updates the valid certificate list in real time to ensure that the recorded certificate validity is accurate.
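The following Go program is an added illustration, not code from the patent, of the AIK gate described above: the node signs its PCR value with the AIK private key, the third party CA releases the AIK public key only while the certificate is on its valid list, and the cluster accepts the fixed trusted value only after verification. The patent's "encrypt with the private key, decrypt with the public key" is realised here as an RSA PKCS#1 v1.5 signature and verification, which is what an AIK actually provides; the certificate identifier, the PCR value and the in-memory CA are constructed stand-ins.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// FixedTrustedValue is what the OAT collects from a node: the original trusted
// value (PCR contents) plus the AIK signature over it, the patent's "ciphertext".
type FixedTrustedValue struct {
	PCR       string
	Signature []byte
}

// SealPCR is the node's step: sign the PCR value with the AIK private key (RSA
// PKCS#1 v1.5 over SHA-256), standing in for "encrypt with the private key".
func SealPCR(aik *rsa.PrivateKey, pcr string) (FixedTrustedValue, error) {
	h := sha256.Sum256([]byte(pcr))
	sig, err := rsa.SignPKCS1v15(rand.Reader, aik, crypto.SHA256, h[:])
	return FixedTrustedValue{PCR: pcr, Signature: sig}, err
}

// CertAuthority keeps the preset valid-certificate list, keyed here by the AIK
// certificate identifier; Revoke removes a certificate the moment it is found invalid.
type CertAuthority struct{ valid map[string]*rsa.PublicKey }
func (ca *CertAuthority) Revoke(certID string) { delete(ca.valid, certID) }
// PublicKeyFor is the CA's reply to the cluster: the key, only while listed.
func (ca *CertAuthority) PublicKeyFor(certID string) (*rsa.PublicKey, error) {
	if pub, ok := ca.valid[certID]; ok {
		return pub, nil
	}
	return nil, fmt.Errorf("AIK certificate %q not in valid list", certID)
}

// OpenFixedValue is the cluster's step: obtain the key from the CA and verify the
// signature; the PCR value reaches the OAT's comparison only on success.
func OpenFixedValue(ca *CertAuthority, certID string, v FixedTrustedValue) (string, error) {
	pub, err := ca.PublicKeyFor(certID)
	if err != nil {
		return "", err
	}
	h := sha256.Sum256([]byte(v.PCR))
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], v.Signature); err != nil {
		return "", fmt.Errorf("fixed trusted value rejected: %w", err)
	}
	return v.PCR, nil
}

// Provision creates a node AIK and a CA listing it (constructed; a real AIK lives in the TPM).
func Provision(certID string) (*rsa.PrivateKey, *CertAuthority) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return key, &CertAuthority{valid: map[string]*rsa.PublicKey{certID: &key.PublicKey}}
}

func main() {
	key, ca := Provision("aik-node-1")
	fixed, err := SealPCR(key, "constructed-pcr-value")
	if err != nil {
		panic(err)
	}
	fmt.Println(OpenFixedValue(ca, "aik-node-1", fixed)) // accepted
	ca.Revoke("aik-node-1")                              // certificate later found invalid
	fmt.Println(OpenFixedValue(ca, "aik-node-1", fixed)) // now rejected: not in valid list
}
```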
As shown in fig. 3, an embodiment of the present invention provides a method for determining node trustworthiness, which is performed based on the system for determining node trustworthiness as described in any one of the above, and specifically includes the following steps:
Step 301: each OAT performs, for each connected node: collecting the fixed trusted value recorded in the TPM security chip equipped by the current node; collecting the first program operation data of the current node; and sending the first program operation data to the trusted streaming computing cluster.
Step 302: the trusted streaming computing cluster performs, for each OAT and for each piece of program operation data sent by the current OAT: calculating the actual trusted value corresponding to the current program operation data, and returning that actual trusted value to the current OAT.
Step 303: the OAT connected to the current node receives the actual trusted value corresponding to the first program operation data returned by the trusted streaming computing cluster.
Step 304: the OAT connected to the current node judges whether the fixed trusted value, the actual trusted value corresponding to the first program operation data and the pre-stored expected trusted value of the current node are consistent; if so, it determines that the current node is trusted, otherwise it determines that the current node is not trusted.
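The following Go program is an added example, not code from the patent, showing what steps 301 to 304 compute: the measurement log kept outside the TPM is parsed, replayed as a PCR extend chain to obtain the actual trusted value, and compared with the fixed and expected values. The log line format, the all-zero initial PCR and the sample digests are assumptions made for the example.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// Measurement is one line of the node's measurement log, kept outside the TPM: the
// program measured before execution and the SHA-256 of its image (format constructed).
type Measurement struct {
	Program string
	Digest  [sha256.Size]byte
}

// ParseMeasurementLog is the parsing a Spout does before handing program operation
// data to a Bolt. Malformed lines are rejected, not skipped, so a mangled log cannot pass.
func ParseMeasurementLog(log string) ([]Measurement, error) {
	var out []Measurement
	for _, line := range strings.Split(strings.TrimSpace(log), "\n") {
		fields := strings.Fields(line)
		if len(fields) != 2 {
			return nil, fmt.Errorf("malformed log line %q", line)
		}
		raw, err := hex.DecodeString(fields[1])
		if err != nil || len(raw) != sha256.Size {
			return nil, fmt.Errorf("bad digest in line %q", line)
		}
		m := Measurement{Program: fields[0]}
		copy(m.Digest[:], raw)
		out = append(out, m)
	}
	return out, nil
}

// ActualTrustedValue replays the log as a PCR extend chain does:
// PCR' = SHA-256(PCR || digest), starting from an all-zero PCR. Order matters,
// so a reordered, altered or truncated log yields a different value.
func ActualTrustedValue(log []Measurement) string {
	var pcr [sha256.Size]byte
	for _, m := range log {
		pcr = sha256.Sum256(append(pcr[:], m.Digest[:]...))
	}
	return hex.EncodeToString(pcr[:])
}

// NodeTrusted is the OAT's step 304 decision: the fixed value read from the
// TPM, the replayed actual value and the pre-stored expected value must all
// agree; any single mismatch marks the node untrusted.
func NodeTrusted(fixed, actual, expected string) bool {
	return fixed == actual && actual == expected
}

// SampleLog is a constructed three-entry boot log; the digests are placeholders.
var SampleLog = "bootloader " + strings.Repeat("aa", 32) + "\nkernel " +
	strings.Repeat("bb", 32) + "\ninitrd " + strings.Repeat("cc", 32) + "\n"

func main() {
	log, err := ParseMeasurementLog(SampleLog)
	if err != nil {
		panic(err)
	}
	expected := ActualTrustedValue(log) // value the verifier pre-stored for this node
	fmt.Println("clean boot trusted:", NodeTrusted(expected, ActualTrustedValue(log), expected))
	// A different kernel image was loaded: the replayed value no longer matches.
	tlog, _ := ParseMeasurementLog(strings.Replace(SampleLog, "bb", "bd", 1))
	fmt.Println("changed kernel trusted:", NodeTrusted(expected, ActualTrustedValue(tlog), expected))
}
```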
The information interaction and execution process between the modules in the method are based on the same concept as the system embodiment of the present invention; for specific content, refer to the description of the system embodiment, which is not repeated here.
In summary, the embodiments of the present invention have at least the following advantages:
1. In the embodiment of the invention, the system for determining the trust of nodes comprises a trusted streaming computing cluster, at least one OAT and at least one node connected to each OAT, wherein each node is provided with a TPM security chip. For each connected node, the OAT collects the fixed trusted value recorded in the TPM security chip of the node and the program operation data of the node; it sends the program operation data to the trusted streaming computing cluster and receives the actual trusted value that the cluster calculates and returns for that data; and when the fixed trusted value, the actual trusted value and the pre-stored expected trusted value of the same node are consistent, it determines that the node is trusted. The OAT itself does not perform the trusted computing; a dedicated computer group performs it in streaming computing mode, and the OAT determines whether a node is trusted by performing only simple value transmission, reception and comparison operations, so the embodiment of the invention reduces the equipment resources that trusted computing needs to occupy.
It is noted that relational terms such as first and second, and the like, are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
Those of ordinary skill in the art will appreciate that: all or part of the steps for implementing the above method embodiments may be implemented by hardware related to program instructions, and the foregoing program may be stored in a computer readable storage medium, where the program, when executed, performs steps including the above method embodiments; and the aforementioned storage medium includes: various media in which program code may be stored, such as ROM, RAM, magnetic or optical disks.
Finally, it should be noted that: the foregoing description is only illustrative of the preferred embodiments of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention are included in the protection scope of the present invention.

Claims (6)

1. A system for analyzing a trusted value of a node, comprising:
a trusted streaming computing cluster, at least one OAT (Open Attestation), at least one node to which each said OAT is connected;
any one of the nodes is provided with a trusted platform module TPM security chip;
each of the OAT is configured to perform, for each node connected: collecting a first fixed trusted value recorded in a TPM security chip of a current node; collecting first program operation data of the current node; and the OAT judges whether the first fixed trusted value, the actual trusted value corresponding to the first program operation data and the prestored expected trusted value of the current node are consistent or not according to each connected node, and if yes, the current node is determined to be trusted.
2. The system according to claim 1, wherein the first program operation data carries a node unique identifier of the current node;
the trusted stream computing cluster is further configured to control an actual trusted value corresponding to the first program operation data to carry a node unique identifier of the current node.
3. The system for trusted value analysis of a node of claim 2, wherein said trusted stream computing cluster comprises: remote procedure call RPC interface, at least one distributed RPC server, at least one computing topology;
each OAT is specifically configured to send each program operation data to the trusted stream computing cluster by calling the RPC interface, where each sent program operation data carries its own OAT unique identifier;
each distributed RPC server is configured to, when receiving program operation data sent by any OAT, distribute the received program operation data to the computing topology specified by the distribution command currently sent from the outside; and, when receiving an actual trusted value, send the received actual trusted value to the corresponding OAT according to the OAT unique identifier carried by the program operation data to which the actual trusted value corresponds;
each computing topology is used for computing an actual trusted value corresponding to received program operation data when receiving the program operation data, and distributing the computed actual trusted value to a distributed RPC server appointed by an external current distribution command.
4. A system for trust value analysis of a node according to claim 3 wherein each of said computing topologies is comprised of an associated Spout and at least one Bolt;
each Spout is configured to, when receiving a program operation data distributed by any one of the distributed RPC servers, parse the received program operation data, and send the parsed program operation data to an associated Bolt;
each Bolt is configured to, when receiving parsed program operation data, calculate the actual trusted value corresponding to the received program operation data, and distribute the calculated actual trusted value to the distributed RPC server appointed by the distribution command sent from the outside.
5. The system for trusted value analysis of a node of claim 1, further comprising: a data consistency service module;
the trusted stream computing cluster is a Storm cluster;
the Storm cluster further comprises: a Nimbus and at least one Supervisor;
the data consistency service module is used for coordinating the Nimbus and the at least one Supervisor;
the Nimbus is used for distributing tasks to each Supervisor through resource allocation and task scheduling;
and each Supervisor is used for controlling the sending of a distribution command according to the tasks distributed by the Nimbus.
6. The system for analyzing the trust value of a node according to claim 5, wherein,
each of the TPM security chips includes: a platform configuration register PCR for storing a fixed trusted value;
each node is used for starting a program based on a starting principle of measuring before executing, program running data of a program starting process are placed in a measuring log file in a log mode, and the measuring log file is located outside a TPM security chip.
CN202110911706.3A 2018-06-06 2018-06-06 System and method for analyzing credibility value of node Active CN113645230B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110911706.3A CN113645230B (en) 2018-06-06 2018-06-06 System and method for analyzing credibility value of node

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810575105.8A CN108833522B (en) 2018-06-06 2018-06-06 System and method for determining credibility of node
CN202110911706.3A CN113645230B (en) 2018-06-06 2018-06-06 System and method for analyzing credibility value of node

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201810575105.8A Division CN108833522B (en) 2018-06-06 2018-06-06 System and method for determining credibility of node

Publications (2)

Publication Number Publication Date
CN113645230A CN113645230A (en) 2021-11-12
CN113645230B true CN113645230B (en) 2023-04-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant