WO2013051760A1 - System for preventing forgery and tampering of metering data generated in a cloud computing service - Google Patents


Info

Publication number
WO2013051760A1
Authority
WO
WIPO (PCT)
Prior art keywords
metering
cloud computing
metering data
service
computing system
Prior art date
Application number
PCT/KR2011/009876
Other languages
English (en)
Korean (ko)
Inventor
박규호
박기웅
Original Assignee
한국과학기술원
Application filed by 한국과학기술원
Publication of WO2013051760A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/50 Network service management, e.g. ensuring proper service fulfilment according to agreements
    • H04L41/5003 Managing SLA; Interaction between SLA and QoS
    • H04L41/5009 Determining service level performance parameters or violations of service level contracts, e.g. violations of agreed response time or mean time between failures [MTBF]
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/30 Monitoring
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/30 Monitoring
    • G06F11/34 Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00 Digital computers in general; Data processing equipment in general
    • G06F15/16 Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/50 Network service management, e.g. ensuring proper service fulfilment according to agreements
    • H04L41/5032 Generating service level reports
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic

Definitions

  • The present invention provides a method for preventing forgery and tampering with metering data generated in a computing service system based on a pay-as-you-go pricing model, such as cloud computing.
  • More specifically, it relates to a method of preventing forgery and tampering with metering data generated in a cloud computing system, such that even an administrator of a computer cannot tamper with metering data generated inside that computer, and to a cloud computing system that prevents forgery and tampering with metering data.
  • Korean Patent Laid-Open Publication No. 2011-0040604 relates to a cloud computing system that uses a resource of a cloud server that provides a cloud computing service to a client terminal having limited resources.
  • The cloud server includes a communication unit, a virtual device driver manager, and a computing service provider. When the cloud server receives from the client terminal a computing service request asking it to support the client terminal in using a device to run the desired information, it searches for the virtual device driver for that device according to the request and provides the computing service to the client terminal using the retrieved virtual device driver.
  • Korean Patent Laid-Open Publication No. 2011-0038909 relates to a PC room content providing system for charging a user fee by providing a cloud computing service to a user terminal of an affiliated PC room.
  • Korean Patent Application Publication No. 2011-0038909 discloses a system consisting of: a PC room user terminal having a screen display function for content received through cloud computing processing; provision of an initial screen to the user terminal, from which a certification number and an application to use specific content are received; a gateway server that performs authentication and provides access information for a virtual server; a virtualization management server that creates, starts, and destroys a plurality of virtual servers, assigns a virtual server 1:1 to each user terminal, and transmits the access information; a virtual server that runs under the control of the virtualization management server, receives user commands from the user terminal, provides the cloud-computing-processed content service, and records a log of the usage time and content of each user terminal; and a billing server that calculates charges by applying the unit price per member and per affiliated PC room and transmits the usage fee of each user terminal to the portal server. This enables individual billing based on each user's content usage on the cloud computing system.
  • As computing services that use a cloud computing system and are based on a pricing model in which the user pays only for what is used become popular, the records of computing resource usage and of the service quality provided as a service must be trustworthy.
  • In a service model in which each user pays for what is used, usage must be metered in a reliable way, because the metering determines whether the service was provided for the usage time and at the service level that were promised.
  • FIG. 1 illustrates an example of metering for the billing of electricity and water services. For water and electricity, which are service models in which the user pays only for use, metering devices 101 and 111 are provided at the water device 100 and the electric device 110, respectively, so that the user and the supplier can clearly know how much service has been used. The inside of each of the metering devices 101 and 111 is shielded (102, 112) so that neither users nor suppliers can tamper with the meter's internal values, so logging can be done in a reliable way.
  • FIG. 2 illustrates the metering of a conventional computing system in which forgery and tampering are possible.
  • The computing system includes a metering module 201 implemented in software, and the metering module 201 checks whether the SLA is violated.
  • When the SLA is violated, the metering module 201 records the violation in its internal data space and reports it to the user 200 through the metering data 202, either at the time of the violation or when the service is terminated.
  • this logging method has several limitations in terms of security.
  • The service provider may change the content of the metered data so that users are charged more, or, even when the quality of the service has not been satisfied, change the data that records service quality so that it appears as if the requirements were satisfied.
  • Various security vulnerabilities of this kind can occur.
  • The technical problem addressed by the present invention is to solve the problems of the prior art described above by providing a method and a system that use a security module mounted inside the computing system to prevent forgery and tampering of the metering data generated during cloud computing.
  • a method for preventing forgery and tampering with metering data generated in a cloud computing service includes: a first step in which a metering software unit installed in the cloud computing system is initialized and driven; A second step of executing a cloud computing service in the cloud computing system; A third step of monitoring whether or not a service level agreement (SLA) is observed for the cloud computing service driven in the second step; A fourth step of recording the detected SLA violation message to the metering software unit if a violation of the SLA is detected in the third step; And a fifth step of generating metering data including the recorded SLA violation message when the cloud computing service is terminated.
  • The method for preventing forgery and tampering with metering data according to the present invention is characterized in that the metering software unit driven in the first step is executed by a reliable drive module comprising a Trusted Execution Technology (TXT) unit.
  • The method for preventing forgery and tampering with metering data according to the present invention is characterized in that the metering data generated in the fifth step is provided with a security function by a Trusted Platform Module (TPM).
  • In the method for preventing forgery and tampering with metering data, the TPM comprises at least one of: platform configuration registers (PCRs) that store a hash value for the metering software unit being executed; a monotonic counter that increments in one direction only for the metering data; a sealing unit that secures the metering data and ensures the integrity of the stored metering data; and a tick stamp unit that generates tick information to digitally sign the metering data.
  • The SLA monitored in the third step is characterized in that it is defined as a service quality consisting of service failure tolerance time, usage time, storage and network bandwidth, and the number of software licenses.
  • The metering data recorded in the fifth step gives each monitored message a dependency based on a seed value, and finally includes a digital signature applied through the TPM.
  • In the method of preventing forgery and tampering with metering data, the metering data includes a service initialization record message recorded upon initialization of the metering software, the detected SLA violation message, and a service termination record message recorded when the cloud computing service is terminated.
  • The method for preventing forgery and tampering with metering data according to the present invention is characterized in that the metering data generated after the fifth step is verified by a verification module of a user-side computing system.
  • a cloud computing system for preventing forgery and tampering with metering data generated by a cloud computing service includes: a reliability driving module for executing metering software installed in the cloud computing system; And a trusted platform module (TPM) that provides a security function for metering data generated by the metering software executed through the reliability driving module during the cloud computing service.
  • The reliable drive module further includes a Trusted Execution Technology (TXT) unit; according to a specified program list, the TXT unit executes a program only when the hash value of the program to be run exists in the program list.
  • The metering software unit monitors compliance with a service level agreement (SLA) in the cloud computing service and, when it detects a violation of the SLA, records the detected SLA violation message in the metering data.
  • The cloud computing system that prevents forgery and tampering with metering data according to the present invention is characterized in that the SLA is defined as a service quality consisting of service failure tolerance time, usage time, storage and network bandwidth, and the number of software licenses.
  • The metering data gives each monitored message a dependency based on a seed value, and finally includes a digital signature applied through the TPM.
  • The metering data includes a service initialization record message recorded when the metering software unit is initialized, the detected SLA violation message, and a service termination record message recorded when the cloud computing service ends.
  • The cloud computing system for preventing forgery and tampering with metering data according to the invention is characterized in that it comprises a verification module for verifying the metering data generated by the metering software unit.
  • The present invention overcomes the disadvantage of the metering method used with the conventional pay-as-you-go pricing model; that is, it prevents forgery and falsification of the metered data, thereby providing security in the conventional system.
  • FIG. 1 is an exemplary diagram illustrating a metering system of a billing service of a general electricity and water service.
  • FIG. 2 is a diagram illustrating the operation of a metering system of a conventional computing system in which forgery and tampering are possible.
  • FIG. 3 is a flowchart illustrating a method of preventing forgery and tampering with metering data generated in a cloud computing service according to the present invention.
  • FIG. 4 is a diagram illustrating an operation process of performing metering in a cloud computing system loaded with a metering software unit according to the present invention.
  • FIG. 5 is a diagram illustrating a TPM and a TXT based performing operation, which is a hardware-based security module used in the present invention.
  • FIG. 6 is a diagram illustrating a message transaction process for performing metering data generation according to the present invention.
  • FIG. 7 is a diagram illustrating a process of a message transaction operation for performing metering data generation according to the present invention.
  • Embodiments according to the concept of the present invention may be variously modified and may have various forms, and specific embodiments will be illustrated in the drawings and described in detail in the present specification or application. However, this is not intended to limit the embodiments in accordance with the concept of the present invention to a particular disclosed form, it should be understood to include all changes, equivalents, and substitutes included in the spirit and scope of the present invention.
  • FIG. 3 is a flow diagram illustrating a method of preventing forgery and tampering with metering data generated in a cloud computing service according to the present invention.
  • When a user-side computing system requests a service from a cloud computing system, a metering software unit installed in the cloud computing system is initialized and driven (S10).
  • The cloud computing service requested by the user is executed in the cloud computing system (S20), and in this case, the cloud computing system monitors whether the service level agreement (SLA) for the cloud computing service is observed (S30).
  • This SLA can be defined as a service quality consisting of service failure tolerance time, usage time, storage and network bandwidth, and software license count.
  • If a violation of the SLA is detected in step S30 (S40), the detected SLA violation message is recorded in the metering software unit, and if the user requests termination of the cloud computing service, metering data including the recorded SLA violation message is generated (S50). Thereafter, the user may receive the generated metering data at the user-side computing system and verify it (S60).
  • The cloud computing system 1 may include: a trusted platform module (TPM) 30 that provides secure storage of data and a program integrity verification function in hardware; a Trusted Execution Technology (TXT) unit 21 that executes only verified programs in a secure manner; a reliable drive module 20 that, based on the TPM 30 and the TXT unit 21, executes the metering program in a reliable manner; a metering software unit 10 that, after being executed by the reliable drive module 20, measures and records the state and SLA in the system 1; and a verification module 50 for verifying the metered data.
  • The Trusted Execution Technology (TXT) unit 21 of the reliability drive module 20 allows execution only for the program list specified by the user.
  • the TPM 30 is a kind of security hardware device that provides encryption-related functions and security functions for storing important data, and many computing devices are currently equipped with a TPM.
  • the present invention utilizes the security technology provided by the TPM 30, as shown in FIG.
  • the platform configuration register (PCR) 31 performs an integrity check function for a program to be executed.
  • PCR 31 stores the platform state of the current computing system 1.
  • A sequence of code is executed in order, such as (A) code inside the CMOS ROM -> (B) bootloader -> (C) operating system -> (D) programs. This is called booting, and the PCR 31 stores the state of each program to be driven by using a hash function.
  • The values stored in PCR0, PCR1, PCR2, and PCR3 can be checked, so that it can be verified which programs were executed on the current computing system and in what order. The hash function used in this booting process is one-way: even if the result value is known, it is very difficult to recover the value that was input to the hash, and it is very hard to obtain an equal hash value.
  • The user who wants to run the metering program of the metering software unit 10 checks the value stored in each PCR. To determine whether the metering program ((D) program) was run after the operating system and the software preceding it (A, B, C), the PCR0-PCR3 values can be verified by comparing them with the correct values known to the user. Since each PCR value (PCR0-PCR3) is calculated and recorded in the TPM 30, and the value of the PCR 31 cannot be changed to an arbitrary value, the user who wants to drive the metering software unit 10 can check whether the metering program was safely initialized and run by verifying the PCR values.
  • the Quote calculation unit 35 of the TPM 30 inserts the digital signature information that only the TPM 30 can generate for each value of the PCR 31 to insert the metering software unit 10.
  • the user can verify whether the digital signature operation is generated by the TPM 30 using the AIK (Attestation Identity Key) of the TPM 30.
  • The monotonic counter 32 is a counter that increments by one, in one direction only, and it can be arranged so that only a specific program can change the counter value. For example, it provides a function by which only the program of the metering software unit 10 that the user intends to drive can change a specific monotonic counter value. This function of the monotonic counter is used to check the integrity of execution of the metering software unit 10.
  • The sealing unit 33 provides a sealing operation, which stores specific data safely while ensuring the integrity of the stored data. That is, when the metering software unit 10 encrypts data using a sealing operation, the hardware protects the data so that only the metering software unit 10 can decrypt it. This utilizes the characteristics of the PCR 31. When the metering software unit 10 is executed, the value of the PCR 31 is changed to the hash value of the metering software unit 10, and the metering software unit 10 is PCR.
  • the nonvolatile memory region 36 is present in the TPM 30, and thus data may be safely stored in the TPM 30 using a sealing operation.
  • When the metering software unit 10 has stored data in the nonvolatile memory area 36 inside the TPM 30 using a sealing operation, only the metering software unit 10 can decrypt the stored data. In addition to the nonvolatile memory area 36, data may be stored, through the operation of the sealing unit 33, in a separate storage area of the computing system 1 in which the metering software unit 10 is loaded.
  • The TPM 30 generates tick information internally in hardware and provides a function of digitally signing the tick information and outputting it.
  • The tick stamp unit 34 includes the digital signature generated by the TPM 30 in the tick information. Accordingly, the user who drives the metering software unit 10 can verify that the tick stamp from the tick stamp unit 34 was generated by the TPM 30. Using this feature, the present invention attaches a tick stamp every time metered data is recorded, so that it can record exactly when the corresponding logging took place.
  • The system utilizing the functions of the TPM 30 and the TXT unit 21 includes a user-side computing system 50 using a cloud computing service, a cloud computing system 1 providing a service to the user, and a metering software unit 10 for metering the cloud computing system 1.
  • The user who wants to meter the SLA of the provided service by running the metering software unit 10 runs the metering software unit 10 in a reliable manner by using the TXT unit 21 and confirms that it is properly initialized and driven (first step).
  • When the user starts the cloud computing service, the metering software unit 10 monitors SLA compliance and, if there is an SLA violation, safely records the violation (11) (second step). When the user ends the use of the computing system, the data recorded by the metering software unit 10 is generated and received as the metering data 40, which can be verified through the verification module of the user-side computing system 50 (third step).
  • In the first process, the user can safely drive the metering software unit 10 through the reliability driving module 20; in the second process, the logging data generated by the metering software unit 10 cannot be changed or deleted.
  • The third process verifies the metering data 40 generated by the metering software unit 10, so that the user can finally verify whether the service was provided according to the SLA.
  • Tick Stamp: Tick value that contains the digital signature information generated by the TPM.
  • PK: Public key for verification of digital signatures.
  • N: Abbreviation for Nonce, a series of randomly generated values used for data integrity and to prevent replay attacks.
  • NV_Write: Performs a sealing operation inside the TPM and stores the result in the TPM internal nonvolatile memory area.
  • Key_Generation: Generates the private key (SK) and public key (PK) for digital signature and verification between the user and the metering software unit.
  • the message notation indicates the beginning and the end using ' ⁇ ' and ' ⁇ '
  • B ⁇ means one message composed of data of A and B as one message.
  • ⁇ A ⁇ K means data encrypted with the key A of K.
  • 'H (A)' means the result of a hash operation, that is, the result obtained by inputting A into a hash function.
  • The hash operation of the present invention uses a safe hash function, for example, SHA-1 or SHA-256. With a hash function that is proven to be secure, it is difficult to infer the original input value from the result of the hash.
  • The 'tick-stamp' notation means tick stamp information generated by the TPM 30; by convention, 'tick-stamp' includes digital signature information generated by the TPM 30.
  • 'SK' is an abbreviation of Secret Key, which means a private key used to generate digital signatures
  • 'PK' is an abbreviation of Public Key, which means a public key used to verify digital signature values.
  • 'N' is an abbreviation of Nonce, a randomly generated series of values used for data integrity and to prevent replay attacks.
  • 'NV_Write ()' refers to an operation that performs a sealing operation inside the TPM 30 and stores the result in the nonvolatile memory area 36 inside the TPM 30. More specifically, NV_Write (PCR18, Message) means that the data Message is encrypted (sealed) using the 18th PCR value and stored in the nonvolatile memory area 36. Therefore, to obtain the message, the PCR18 value at the time of decryption must match the PCR18 value at the time NV_Write () was performed.
  • The 'Extend ()' function corresponds to the program integrity check function performed by using the PCR 31. It derives a new value by applying a hash function to the PCR value.
  • Extend (PCR18, Data) means that a new PCR18 value is derived by putting the PCR18 value into the hash function along with the Data value.
  • the 'Key_Generation ()' function means generating a private key SK and a public key PK for digital signature and verification between the user and the metering software unit 10.
  • the 'Quote ()' function generates a digital signature for the current PCR value.
  • 'Quote (PCR17, Data)' generates a digital signature for Data and PCR17.
  • the private key of the TPM 50 serves to verify that the digital signature is made.
  • FIGS. 6 and 7 illustrate a sequence of message transactions and operations for metering and logging, using the notation described and the security techniques mentioned above.
  • Metering for the cloud computing service consists of a total of three processes: a first process of initializing, a second process of performing metering and logging while the real service is in use, and a third process of verifying the metered data after service termination.
  • the initialization is performed.
  • the value of PCR17 is initialized to the hash value of the metering software unit 10.
  • The user who will run the metering software unit 10 sends an S value and a random Nonce value (N). The SLA records the description of each metric that the metering software unit 10 will monitor and the minimum value to guarantee. If the disk bandwidth is described as 20 MB/sec or more as one item of the SLA, the metering software unit 10 records a violation if the current disk bandwidth is measured to be less than 20 MB/sec.
  • The metering software unit 10 receiving the message takes the H (S) value, which is the hash value of the S value, and the current Tick-Stamp value read from the TPM 30, inputs them into the Extend () function, and stores the result in PCR18. This is used later to check that the metering software unit 10 was properly initialized.
  • the metering software unit 10 generates SK and PK, which are keys for digital signature and verification, between the user and the metering software unit 10, and initializes the random value N received from the user to a Seed value.
  • Seed value is inserted into monitoring data and used to verify the integrity of logged data.
  • The generated key SK, which is the key for digital signature, the SLA data received from the user, Counter, which is a monotonic counter value inside the TPM 30, and the Seed value are stored in PCR17 using the Extend function.
  • The data is stored, through the sealing unit 33, in the black-box type data (BB) 60, which is a space for storing the metered data.
  • PCR18 and PCR17 are performed by performing three extend functions.
  • The Quote () operation is performed. The Quote operation for PCR17 and PCR18 takes N as an input value and outputs q as the result value, so that the user who has driven the metering software unit 10 can verify, using the S value and the nonce that the user entered, that the initialization has been properly performed.
  • Finally, the AIK, the PK, and the time at which the initialization was completed are encrypted using the key shared between the user and the metering software and then transmitted from the cloud computing system 1 to the user-side computing system 50. Upon receiving this, the user can verify whether the initialization was performed correctly by using the hash function, the S value and the N value that the user sent, and the AIK, and the initialization process is terminated.
  • The second process is a series of operations performed periodically while the actual cloud computing service is being received. Since the metering software unit 10 is executed through the reliability driving module 20, the PCR17 value is initialized to the hash value of the metering software unit 10, and the unit reads the SLA, Monotonic Counter, and Seed values, which are the data stored in the nonvolatile memory area 36 of the TPM 30 in the first step. Only the metering software unit 10 can read these values. At that time, the metering software unit 10 reads the monotonic counter value and operates only when it matches the counter value stored in the nonvolatile memory area 36 of the TPM 30. If there is a match, the SLA_Monitoring function is executed to check the current SLA for compliance.
  • The violation information is recorded in the data referred to as BB (black box data) 60, and is composed of a Violation item that records the violation, the current Tick Stamp information, and a Seed value.
  • The Seed value is a value initialized during the first process and is updated with the Violation and the Tick Stamp information. Whenever a Violation occurs, the Seed value is updated so that it depends on the previous Seed value.
  • the monotonic counter value is increased by 1, and the Seed value is stored in the nonvolatile memory area 36 of the TPM 30 through the sealing unit 33 together with the PCR17.
  • The third process is performed at the end of a service. The user-side computing system 50 sends a request message to terminate the metering software unit 10. On receiving the request, the metering software unit 10 reads the SK value, the counter value, and the Seed value from the nonvolatile memory area 36 inside the TPM 30, performs a sealing operation through the sealing unit 33 together with the PCR17 value, and stores the result in the BB 60. PCR17 and PCR18 are then updated through an extend operation.
  • The reason for updating PCR17 with 0xFF is the same as for the 0xFF update in the first step: 0xFF is used as the input value so that the intermediate value cannot be read even if the system administrator later reads the PCR value. PCR18 is likewise updated with 0xFF as the final input value for the same purpose.
  • The metering software unit 10 performs an unsealing operation to decrypt the data recorded in the BB 60 from the first process through the second process, and the decrypted BB data is delivered to the user who ran the metering software.
  • The user can prove that the generated BB data 60 was generated by the metering software unit 10. The BB data 60 includes the service initialization record message 61 (recorded at the time the metering software unit 10 is initialized), the detected SLA violation message 62, and the service termination record message 62 recorded at the end of the cloud computing service, and the BB data 60 has a first process.
  • The digital signature is generated with the SK generated from S and is sent to the user along with the q value resulting from the Quote operation.
  • The present invention is used for generating metering data that cannot be forged or tampered with, and for verifying metering information, in computing service systems based on a pay-as-you-go pricing model, such as cloud computing, in which users pay only for what they use.
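
The Seed chaining and monotonic counter described for the second process can be modeled as a hash chain that a verifier replays. This is an added example, not code from the patent: the SHA-256 chaining function, the `Meter` and `verify` names, and the sample violations are assumptions, and the sealed TPM values are simulated as plain Python attributes.

```python
import hashlib
from typing import NamedTuple

class Record(NamedTuple):
    violation: str  # Violation item
    tick: int       # Tick Stamp information
    seed: bytes     # Seed value after this record was chained in

def next_seed(prev_seed: bytes, violation: str, tick: int) -> bytes:
    # Assumed chaining function (not from the patent): SHA-256 over the
    # fixed-width previous seed and tick, then the violation text.
    return hashlib.sha256(
        prev_seed + tick.to_bytes(8, "big") + violation.encode()
    ).digest()

class Meter:
    """Stand-in for the metering software and its sealed TPM NV values."""
    def __init__(self, initial_seed: bytes):
        self.seed = initial_seed  # Seed value held in sealed storage
        self.counter = 0          # monotonic counter
        self.bb = []              # black-box (BB) records

    def record(self, violation: str, tick: int) -> None:
        self.seed = next_seed(self.seed, violation, tick)
        self.counter += 1         # increased by 1 per record
        self.bb.append(Record(violation, tick, self.seed))

def verify(bb, initial_seed, sealed_seed, sealed_counter) -> bool:
    """Replay the chain; any edit, drop or reorder breaks a seed or the count."""
    seed = initial_seed
    for rec in bb:
        seed = next_seed(seed, rec.violation, rec.tick)
        if seed != rec.seed:
            return False
    return len(bb) == sealed_counter and seed == sealed_seed

def demo():
    s0 = hashlib.sha256(b"constructed initial seed").digest()
    m = Meter(s0)
    for tick, v in [(1000, "cpu_share_below_sla"),
                    (1060, "latency_above_sla"),
                    (1120, "iops_below_sla")]:  # constructed sample violations
        m.record(v, tick)
    edited = list(m.bb)
    edited[1] = Record("none", 1060, m.bb[1].seed)  # violation text altered
    truncated = m.bb[:-1]                            # last record dropped
    return tuple(verify(log, s0, m.seed, m.counter)
                 for log in (m.bb, edited, truncated))
```

The intact log verifies, while the edited and truncated logs fail because the replayed seed or the record count no longer matches the sealed values.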

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Quality & Reliability (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a method for generating metering data that cannot be falsified, which prevents forgery and verifies the data in a computing service system based on a pay-per-use billing model, such as a cloud computing service, in which a user pays for the volume used; and in particular to a method for verifying metering data generated in a computer, the content of which is not subject to any attempted modification, even by the administrator of a computer. According to the invention, the metering system comprises: a hardware security module called the Trusted Platform Module (TPM); a hardware security module called Trusted Execution Technology (TXT); a program module for performing a metering computation of a computer system; and a program module for verifying the computations.
PCT/KR2011/009876 2011-10-04 2011-12-20 System for preventing counterfeiting and falsification of metering data generated in a cloud computing service WO2013051760A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2011-0100649 2011-10-04
KR1020110100649A KR101275773B1 (ko) 2011-10-04 2011-10-04 System for preventing forgery and tampering of metering data generated in a cloud computing service

Publications (1)

Publication Number Publication Date
WO2013051760A1 (fr) 2013-04-11

Family

ID=48043910

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2011/009876 WO2013051760A1 (fr) 2011-10-04 2011-12-20 System for preventing counterfeiting and falsification of metering data generated in a cloud computing service

Country Status (2)

Country Link
KR (1) KR101275773B1 (fr)
WO (1) WO2013051760A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9686077B2 (en) 2014-03-06 2017-06-20 Microsoft Technology Licensing, Llc Secure hardware for cross-device trusted applications
CN110825632A (zh) * 2019-11-01 2020-02-21 北京金山云网络技术有限公司 Cloud computing resource metering data testing method, system, apparatus and electronic device

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10524028B1 (en) 2019-01-23 2019-12-31 Nutanix, Inc. Validating live metering service in a cloud infrastructure
KR102275827B1 (ko) * 2020-03-26 2021-07-13 한국전자통신연구원 Method and apparatus for distributing confidential execution software

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003150723A (ja) * 2001-11-14 2003-05-23 Nippon Telegr & Teleph Corp <Ntt> Method and system for service provider SLA violation detection and refund processing
KR20050030539A (ko) * 2003-09-26 2005-03-30 인터내셔널 비지네스 머신즈 코포레이션 Real-time SLA impact analysis method and system, machine-readable storage device, and real-time SLA impact evaluation method
KR20060033003A (ko) * 2003-07-11 2006-04-18 인터내셔널 비지네스 머신즈 코포레이션 System and method for monitoring and controlling business-level service level agreements
JP4691477B2 (ja) * 2006-08-29 2011-06-01 日立電子サービス株式会社 SLA monitoring system
KR20110069143A (ko) * 2008-10-08 2011-06-22 카아보 아이엔씨. Cloud computing lifecycle management for N-tier applications

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20050054665A (ko) * 2003-12-05 2005-06-10 한국전자통신연구원 Apparatus and method for measuring service quality according to customer requirements

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9686077B2 (en) 2014-03-06 2017-06-20 Microsoft Technology Licensing, Llc Secure hardware for cross-device trusted applications
US10404466B2 (en) 2014-03-06 2019-09-03 Microsoft Technology Licensing, Llc Secure hardware for cross-device trusted applications
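CN110825632A (zh) * 2019-11-01 2020-02-21 北京金山云网络技术有限公司 Cloud computing resource metering data testing method, system, apparatus and electronic device
CN110825632B (zh) * 2019-11-01 2023-10-03 北京金山云网络技术有限公司 Cloud computing resource metering data testing method, system, apparatus and electronic device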

Also Published As

Publication number Publication date
KR20130036522A (ko) 2013-04-12
KR101275773B1 (ko) 2013-07-30

Similar Documents

Publication Publication Date Title
US8572400B2 (en) Enhanced digital right management framework
CN111708991B (zh) Service authorization method, apparatus, computer device and storage medium
Anati et al. Innovative technology for CPU based attestation and sealing
US9436968B1 (en) System and method for application license management in virtual environments
EP1181632B1 (fr) Recording of data events on a computing platform
US7526785B1 (en) Trusted computing platform for restricting use of data
US20060174110A1 (en) Symmetric key optimizations
US7739505B2 (en) Linking Diffie Hellman with HFS authentication by using a seed
US7617401B2 (en) Hardware functionality scan for device authentication
CN110770729B (zh) Method and device for proving virtual machine integrity
JP2013516685A (ja) System and method for enforcing computer policy
EP2997692A1 (fr) Procedure for platform-enforced secure storage in infrastructure clouds
WO2013051760A1 (fr) System for preventing counterfeiting and falsification of metering data generated in a cloud computing service
US20120047074A1 (en) Methods of protecting software programs from unauthorized use
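CN114726630A (zh) License-based information security authorization method, apparatus, electronic device and medium
CN111859379B (zh) Processing method and apparatus for protecting a data model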
Chandni et al. Establishing trust despite attacks in cloud computing: A survey
Fotiadis et al. Root-of-trust abstractions for symbolic analysis: Application to attestation protocols
Lee-Thorp Attestation in trusted computing: Challenges and potential solutions
CN115618366A (zh) Verification method and apparatus for a server
Magnanini et al. Scalable, confidential and survivable software updates
Petrlic Privacy-preserving digital rights management in a trusted cloud environment
England et al. Towards a programmable TPM
Bravi Use of Trusted Computing techniques to counteract Cybersecurity attacks in Critical Infrastructures
Pedone et al. Trusted computing technology and proposals for resolving cloud computing security problems

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 11873631; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 11873631; Country of ref document: EP; Kind code of ref document: A1)