CN114116026B - Cloud platform trust chain layered model construction method - Google Patents
Cloud platform trust chain layered model construction method Download PDFInfo
- Publication number
- CN114116026B CN114116026B CN202111340139.7A CN202111340139A CN114116026B CN 114116026 B CN114116026 B CN 114116026B CN 202111340139 A CN202111340139 A CN 202111340139A CN 114116026 B CN114116026 B CN 114116026B
- Authority
- CN
- China
- Prior art keywords
- virtual machine
- operating system
- vtpm
- trust chain
- measuring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000010276 construction Methods 0.000 title claims abstract description 9
- 238000004088 simulation Methods 0.000 claims abstract description 36
- 238000000034 method Methods 0.000 claims abstract description 18
- 239000000306 component Substances 0.000 claims description 36
- 238000005259 measurement Methods 0.000 claims description 31
- 238000012795 verification Methods 0.000 claims description 24
- 239000008358 core component Substances 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 4
- 101100296683 Arabidopsis thaliana PCR11 gene Proteins 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 210000001503 joint Anatomy 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000003752 polymerase chain reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/4401—Bootstrapping
- G06F9/4411—Configuring for operating with peripheral devices; Loading of device drivers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
Description
Claims (2)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111340139.7A CN114116026B (en) | 2021-11-12 | 2021-11-12 | Cloud platform trust chain layered model construction method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111340139.7A CN114116026B (en) | 2021-11-12 | 2021-11-12 | Cloud platform trust chain layered model construction method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114116026A CN114116026A (en) | 2022-03-01 |
CN114116026B true CN114116026B (en) | 2023-04-07 |
Family
ID=80379303
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111340139.7A Active CN114116026B (en) | 2021-11-12 | 2021-11-12 | Cloud platform trust chain layered model construction method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114116026B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114389824B (en) * | 2022-03-24 | 2022-07-12 | 湖南天河国云科技有限公司 | Verification updating method and device of trusted computing trust chain based on block chain |
CN114756335A (en) * | 2022-06-15 | 2022-07-15 | 中电云数智科技有限公司 | Trust chain construction method of trusted cloud server of hybrid architecture and server |
CN116049866A (en) * | 2022-06-27 | 2023-05-02 | 荣耀终端有限公司 | Data protection method, electronic equipment and chip system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103886259A (en) * | 2014-03-19 | 2014-06-25 | 四川大学 | Kernel-level rootkit detecting and processing method based on Xen virtualization environment |
CN105095768A (en) * | 2015-08-20 | 2015-11-25 | 浪潮电子信息产业股份有限公司 | Virtualization-based credible server trust chain construction method |
CN105956465A (en) * | 2016-05-04 | 2016-09-21 | 浪潮电子信息产业股份有限公司 | VTPM-based method for constructing virtual trusted platform |
CN107545184A (en) * | 2017-08-17 | 2018-01-05 | 大唐高鸿信安(浙江)信息科技有限公司 | The credible measurement system and method for cloud main frame |
CN109992972A (en) * | 2019-04-10 | 2019-07-09 | 北京可信华泰信息技术有限公司 | The method for building up and system of trust chain in a kind of cloud environment |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8032741B2 (en) * | 2007-08-22 | 2011-10-04 | Intel Corporation | Method and apparatus for virtualization of a multi-context hardware trusted platform module (TPM) |
US9070251B2 (en) * | 2013-03-08 | 2015-06-30 | Igt | Multi-tiered static chain of trust |
CN103995732B (en) * | 2014-05-26 | 2017-02-22 | 华为技术有限公司 | Virtual trusted platform module function implementation method and management equipment |
-
2021
- 2021-11-12 CN CN202111340139.7A patent/CN114116026B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103886259A (en) * | 2014-03-19 | 2014-06-25 | 四川大学 | Kernel-level rootkit detecting and processing method based on Xen virtualization environment |
CN105095768A (en) * | 2015-08-20 | 2015-11-25 | 浪潮电子信息产业股份有限公司 | Virtualization-based credible server trust chain construction method |
CN105956465A (en) * | 2016-05-04 | 2016-09-21 | 浪潮电子信息产业股份有限公司 | VTPM-based method for constructing virtual trusted platform |
CN107545184A (en) * | 2017-08-17 | 2018-01-05 | 大唐高鸿信安(浙江)信息科技有限公司 | The credible measurement system and method for cloud main frame |
CN109992972A (en) * | 2019-04-10 | 2019-07-09 | 北京可信华泰信息技术有限公司 | The method for building up and system of trust chain in a kind of cloud environment |
Non-Patent Citations (9)
Title |
---|
Fucheng You.Multiway dynamic trust chain model on virtual machine for cloud computing.《China Communications》.2016,第第13卷卷(第第13卷期),第83-91页. * |
He Rongyu, Wu Shaojie.A User-specific Trusted Virtual Environmental for Cloud Computin.《Information Technology Joutnal》.2013,第第12卷卷(第第12卷期),第1905-1913页. * |
Jie Zhu ; Guoyuan Lin China University of Mining and Technology, Xuzhou, Jiangsu, CN * |
万鑫.云计算环境下可信虚拟数据中心构建及其关键技术研究.《中国博士学位论文全文数据库 (信息科技辑)》.2018,(第undefined期),I138-3. * |
张飞飞 ; 宋昕 ; 邢彬 ; .基于vTPM两阶段度量构建可信虚拟域.信息系统工程.2018,(第02期),第43-45页. * |
易平 ; 庄毅 ; .基于龙芯处理器的嵌入式可信解决方案.计算机技术与发展.2018,(第05期),第112-116页. * |
李海威 ; 范博 ; 李文锋 ; .一种可信虚拟平台构建方法的研究和改进.信息网络安全.2015,(第01期),第1-5页. * |
王晓 ; 张建标 ; 曾志强 ; .基于可信平台控制模块的可信虚拟执行环境构建方法.北京工业大学学报.2019,第45卷(第06期),第554-565页. * |
米秀明 ; 房超.基于Unikernel技术的移动通信网络虚拟可信管理技术研究.《信息与电脑(理论版)》.2019,第第31卷卷(第第31卷期),第168-169页. * |
Also Published As
Publication number | Publication date |
---|---|
CN114116026A (en) | 2022-03-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN114116026B (en) | Cloud platform trust chain layered model construction method | |
McCune et al. | Flicker: An execution infrastructure for TCB minimization | |
US8850212B2 (en) | Extending an integrity measurement | |
US8151262B2 (en) | System and method for reporting the trusted state of a virtual machine | |
US9288155B2 (en) | Computer system and virtual computer management method | |
US8516481B2 (en) | Virtual machine manager system and methods | |
US9361462B2 (en) | Associating a signing key with a software component of a computing platform | |
US20110246778A1 (en) | Providing security mechanisms for virtual machine images | |
CN113886809A (en) | Computing device | |
CN109165079B (en) | Cloud data center trusted platform based on virtualization and method for building trust chain | |
CN102244684B (en) | EFI (Extensible Firmware Interface) trusted Cloud chain guiding method based on USBKey | |
JP2009015818A (en) | Dynamic trust management | |
KR20150105390A (en) | Roots-of-trust for measurement of virtual machines | |
CN107704308B (en) | Virtual platform vTPM management system, trust chain construction method and device, and storage medium | |
CN102214277B (en) | Method and device for establishing trusted environments for virtual machine system of multicore processor | |
CN105354493A (en) | Virtualization technology based terminal trust enhancement method and system | |
CN111158906A (en) | Credible cloud system for active immunization | |
CN105718807A (en) | Android system based on software TCM and trusted software stack and trusted authentication system and method thereof | |
CN112800429A (en) | Method for protecting driver in UEFI BIOS firmware system based on foundation | |
CN111698091A (en) | Docker platform dynamic protection method based on trusted computing | |
CN104268477A (en) | Safety control method and network device | |
Bugiel et al. | Implementing an application-specific credential platform using late-launched mobile trusted module | |
Toegl et al. | acTvSM: A dynamic virtualization platform for enforcement of application integrity | |
Narayanan et al. | Remote attestation of SEV-SNP confidential VMs using e-vTPMs | |
Yu et al. | Obtaining the integrity of your virtual machine in the cloud |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB03 | Change of inventor or designer information |
Inventor after: Chen Xingshu Inventor after: Zhou Mingxing Inventor after: Wang Qixu Inventor after: Yang Miaomiao Inventor after: Gui Yanshuang Inventor after: Ruan Shuhua Inventor after: Liu Junwei Inventor after: Zhang Shengju Inventor before: Chen Xingshu Inventor before: Zhou Mingxing Inventor before: Wang Qixu Inventor before: Yang Miaomiao Inventor before: Gui Yanshuang Inventor before: Ruan Shuhua Inventor before: Liu Weijun Inventor before: Zhang Shengju |
|
CB03 | Change of inventor or designer information | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20240102 Address after: 215163 Building 1, 58 Kunlunshan Road, high tech Zone, Suzhou City, Jiangsu Province Patentee after: CHINA MOBILE (SUZHOU) SOFTWARE TECHNOLOGY Co.,Ltd. Patentee after: SICHUAN University Address before: 610065, No. 24, south section of first ring road, Chengdu, Sichuan, Wuhou District Patentee before: SICHUAN University |
|
TR01 | Transfer of patent right |