WO2021139308A1 - Cloud server monitoring method, apparatus and device, and storage medium - Google Patents


Info

Publication number
WO2021139308A1
Authority
WO
WIPO (PCT)
Prior art keywords
cloud server
hardware
software
reference value
monitoring
Prior art date
Application number
PCT/CN2020/122338
Other languages
French (fr)
Chinese (zh)
Inventor
胡俊文
Original Assignee
平安科技(深圳)有限公司
Priority date
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司
Publication of WO2021139308A1

Classifications

    • G PHYSICS
      • G06 COMPUTING; CALCULATING OR COUNTING
        • G06F ELECTRIC DIGITAL DATA PROCESSING
          • G06F 11/00 Error detection; Error correction; Monitoring
            • G06F 11/30 Monitoring
              • G06F 11/3003 Monitoring arrangements specially adapted to the computing system or computing system component being monitored
                • G06F 11/3037 Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is a memory, e.g. virtual memory, cache
              • G06F 11/32 Monitoring with visual or acoustical indication of the functioning of the machine
                • G06F 11/324 Display of status information
                  • G06F 11/327 Alarm or error message display
          • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
            • G06F 21/60 Protecting data
              • G06F 21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
            • G06F 21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
              • G06F 21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure storage of data

Definitions

  • the present invention relates to the field of artificial intelligence logic programming, in particular to a cloud server monitoring method, device, equipment and storage medium.
  • cloud servers came into being.
  • the cloud service provider that offers the cloud server is responsible for purchasing the hardware and providing basic Internet services such as computing, storage and online backup; the user only needs the connection interface to perform system deployment, software configuration and maintenance on the provider's server, and can even hand the whole service over to the provider to be fully managed. This reduces the user's cost of running an online service and improves service efficiency.
  • the inventor realized that because the user semi-hosts, or even fully hosts, the service with the cloud service provider, the user may have no way of knowing when problems such as information leakage or damage to the environment occur during service. For example, when a cloud service provider finds that a server's hard disk has failed, it replaces the original hard disk with a backup disk. If commercial secrets are stored on that disk, there is a serious risk of data leakage. There is therefore an urgent need for a mechanism that effectively monitors the environmental integrity of cloud servers, so as to reduce the risk that arises in the course of providing cloud services.
  • the main purpose of this application is to solve the problem that users cannot monitor the environmental integrity of the cloud server.
  • the first aspect of this application provides a cloud server monitoring method, including:
  • the cloud server hardware trusted integrity check includes: generating a hardware environment monitoring value for the current cloud server according to a preset hardware trusted integrity check strategy, and judging whether the hardware environment monitoring value is consistent with the preset hardware environment reference value;
  • the cloud server software trusted integrity check includes: generating a software environment monitoring value for the current cloud server according to a preset software trusted integrity check strategy, and judging whether the software environment monitoring value is consistent with the preset software environment reference value;
  • a hardware credibility report and/or a software credibility report corresponding to the current cloud server is generated and sent to the corresponding cloud server rental user.
  • a second aspect of the present application provides a cloud server monitoring device.
  • the cloud server monitoring device includes a memory, a processor, and a cloud server monitoring program that is stored on the memory and can run on the processor.
  • the processor implements the following steps when executing the cloud server monitoring program:
  • the cloud server hardware trusted integrity check includes: generating a hardware environment monitoring value for the current cloud server according to a preset hardware trusted integrity check strategy, and judging whether the hardware environment monitoring value is consistent with the preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering the cloud server software trusted integrity check;
  • the cloud server software trusted integrity check includes: generating a software environment monitoring value for the current cloud server according to a preset software trusted integrity check strategy, and judging whether the software environment monitoring value is consistent with the preset software environment reference value;
  • a hardware credibility report and/or a software credibility report corresponding to the current cloud server is generated and sent to the corresponding cloud server rental user.
  • a third aspect of the present application provides a computer-readable storage medium that stores computer instructions, and when the computer instructions are executed on a computer, the computer executes the following steps:
  • the cloud server hardware trusted integrity check includes: generating a hardware environment monitoring value for the current cloud server according to a preset hardware trusted integrity check strategy, and judging whether the hardware environment monitoring value is consistent with the preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering the cloud server software trusted integrity check;
  • the cloud server software trusted integrity check includes: generating a software environment monitoring value for the current cloud server according to a preset software trusted integrity check strategy, and judging whether the software environment monitoring value is consistent with the preset software environment reference value;
  • a hardware credibility report and/or a software credibility report corresponding to the current cloud server is generated and sent to the corresponding cloud server rental user.
  • the fourth aspect of the present application provides a cloud server monitoring device, including:
  • the detection module is used to detect whether a scheduled monitoring task for the cloud server currently exists;
  • the verification module is used to trigger the cloud server hardware trusted integrity check if a scheduled cloud server monitoring task currently exists;
  • the verification module includes:
  • the hardware verification unit, used to perform the cloud server hardware trusted integrity check, which specifically includes: generating the hardware environment monitoring value for the current cloud server according to a preset hardware trusted integrity verification strategy, and judging whether the hardware environment monitoring value is consistent with the preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering the cloud server software trusted integrity check;
  • the software verification unit, used to perform the cloud server software trusted integrity check, which specifically includes: generating the software environment monitoring value for the current cloud server according to a preset software trusted integrity verification strategy, and judging whether the software environment monitoring value is consistent with the preset software environment reference value;
  • the standby module, configured to wait for the next round of scheduled monitoring tasks if the hardware environment monitoring value is consistent with the hardware environment reference value and/or the software environment monitoring value is consistent with the preset software environment reference value;
  • the judgment module, configured to judge whether the current cloud server meets the preset alarm condition if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value;
  • the alarm module, configured to generate a hardware credibility report and/or a software credibility report for the current cloud server if the alarm condition is met, and to send it to the corresponding cloud server rental user.
  • in this application, the device first detects whether a scheduled monitoring task exists. If it does, a hardware trusted integrity check is performed to judge whether the hardware environment of the current cloud server is intact; once that passes, a software trusted integrity check is performed to judge whether the software environment is intact. If both pass, the device waits for the next monitoring round; if either fails, a hardware credibility report and/or a software credibility report is generated and sent to the user. The application can therefore monitor the cloud server on a schedule at both the hardware and the software level, reducing the risk of data leakage and improving the security of the user's data.
  • this solution uses the hardware/software environment
  • the environmental reference value is stored in the NV space of the trusted chip or on the blockchain.
  • the hardware/software trusted integrity verification strategies provided by this application are freely selectable and updateable.
  • a hardware credibility report and/or a software credibility report is issued only when the number of untrusted results found by monitoring reaches a preset threshold.
  • FIG. 1 is a schematic diagram of a first embodiment of a cloud server monitoring method in an embodiment of this application;
  • Figure 2-1 is a schematic diagram of the hardware/software trusted integrity check policy configuration part in the second embodiment of the cloud server monitoring method in the embodiment of the application;
  • FIG. 2-2 is a schematic diagram of monitoring a cloud server in the second embodiment of the cloud server monitoring method in the embodiment of this application;
  • FIG. 3 is a schematic diagram of a third embodiment of a cloud server monitoring method in an embodiment of this application.
  • FIG. 4 is a schematic diagram of a fourth embodiment of a cloud server monitoring method in an embodiment of this application.
  • FIG. 5 is a schematic diagram of a first embodiment of a cloud server monitoring device in an embodiment of this application.
  • FIG. 6 is a schematic diagram of a second embodiment of a cloud server monitoring device in an embodiment of this application.
  • Fig. 7 is a schematic diagram of an embodiment of a cloud server monitoring device in an embodiment of the application.
  • the embodiments of the application provide a cloud server monitoring method, device, equipment, and storage medium.
  • the first embodiment of the cloud server monitoring method in the embodiment of the present application includes:
  • the execution subject of this application may be a cloud server monitoring device, or may also be a terminal or a server, etc., which is not specifically limited here.
  • the embodiment of the present application takes the cloud server monitoring device as the execution subject as an example for description.
  • the device is equipped with a cloud server verification strategy preset by the cloud server rental user.
  • the verification strategy includes a monitoring cycle; at the end of each cycle the device initiates a monitoring task on the cloud server. While the device is running, it therefore checks whether a scheduled monitoring task for the cloud server exists.
  • the cloud server hardware trusted integrity check includes: generating the hardware environment monitoring value for the current cloud server and judging whether it is consistent with the preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, the cloud server software trusted integrity check is triggered;
  • the cloud server software trusted integrity check includes: generating a software environment monitoring value for the current cloud server according to a preset software trusted integrity check strategy, and judging whether the software environment monitoring value is consistent with the preset software environment reference value;
  • the hardware trusted integrity check strategy preset by the developer is loaded into the device. Before the cloud server is leased, the device first obtains the attribute values of the hardware objects named in the hardware trusted integrity check strategy, then applies the first measurement algorithm specified in that strategy to those attribute values to obtain the hardware environment reference value. To protect the reliability of the hardware environment reference value, this solution preferably stores it in a trusted security chip or on a blockchain.
  • at each monitoring task, the first measurement algorithm is applied to the attribute values of the hardware in the current cloud server to obtain the corresponding hardware environment monitoring value, which is compared with the hardware environment reference value.
  • if the hardware environment monitoring value is consistent with the hardware environment reference value, the hardware environment of the current cloud server is intact, and the cloud server software trusted integrity check is performed next.
  • when cloud server leasing users first start using a cloud server, the device collects their selected cloud server verification policy configuration parameters, including the software trusted integrity verification policy.
  • the policy includes a second measurement algorithm and the names of the designated software. On the first run, the device first obtains the corresponding software files according to the specified names, then applies the second measurement algorithm to them to obtain the software environment value (the reference value on this first run, the monitoring value on every later run).
  • if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, the current cloud server may be at risk.
  • each inconsistency is counted, and when the count reaches the preset threshold the current cloud server is judged to meet the preset alarm condition.
  • the preset report template is then obtained, and the inconsistent hardware/software environment monitoring values and hardware/software environment reference values are written into the template to obtain the hardware credibility report and/or software credibility report, which is sent to the corresponding cloud server rental user.
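The monitoring round described in this embodiment, written out as an added Python example that is not the patent's own code. It assumes constructed attribute values and file contents (the real ones would come from the boot sector, the BIOS image, the disk's identify data and the kernel files), replaces the TPM NV space and the blockchain with an in-memory dictionary, uses SHA-256 as both measurement algorithms, and keeps the patent's order: hardware first, software only if the hardware check passes, an untrusted counter compared with a threshold, and a report that marks each monitoring/reference pair credible or not credible.

```python
"""Added example, not the patent's code. One scheduled monitoring round.

Assumptions (not from the patent): attribute values and file contents are
constructed byte strings; an in-memory dict stands in for the TPM NV space /
blockchain that holds the reference values; both measurement algorithms are
SHA-256; the untrusted counter accumulates across rounds and is not reset.
"""
import hashlib
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Policy:
    hw_enabled: bool = True
    sw_enabled: bool = True
    hw_algorithm: str = "sha256"                  # first measurement algorithm
    sw_algorithm: str = "sha256"                  # second measurement algorithm
    hw_objects: tuple = ("boot_sector", "bios_firmware", "disk_serial")
    sw_files: tuple = ("/boot/vmlinuz", "/boot/config")   # contents are measured
    untrusted_threshold: int = 3                  # alarm after this many misses


def measure(algorithm: str, items: dict, names: tuple) -> str:
    """Digest the named items in policy order. Names and a separator go into
    the hash too, so swapping two values, or the same bytes under another
    name, yields a different environment value."""
    h = hashlib.new(algorithm)
    for name in names:
        h.update(name.encode() + b"\0" + items[name] + b"\0")
    return h.hexdigest()


def render_report(checked: dict) -> str:
    """Fill the report template: one row per (monitoring, reference) pair,
    each judged credible or NOT credible, so the user sees which level failed."""
    rows = [
        f"{level}: monitoring={now} reference={ref} -> "
        + ("credible" if now == ref else "NOT credible")
        for level, (now, ref) in checked.items()
    ]
    verdict = "untrusted" if any(n != r for n, r in checked.values()) else "trusted"
    return "Credibility report\n" + "\n".join(rows) + f"\nResult: {verdict}\n"


@dataclass
class Monitor:
    policy: Policy
    reference: dict = field(default_factory=dict)  # stand-in for TPM NV / blockchain
    untrusted_count: int = 0

    def baseline(self, hw_attrs: dict, sw_contents: dict) -> None:
        """Record the reference values before the server is leased."""
        p = self.policy
        if p.hw_enabled:
            self.reference["hardware"] = measure(p.hw_algorithm, hw_attrs, p.hw_objects)
        if p.sw_enabled:
            self.reference["software"] = measure(p.sw_algorithm, sw_contents, p.sw_files)

    def round(self, hw_attrs: dict, sw_contents: dict):
        """One scheduled task. Returns (alarm, report); report is None unless
        the untrusted count has reached the threshold."""
        p, checked = self.policy, {}
        if p.hw_enabled:
            now = measure(p.hw_algorithm, hw_attrs, p.hw_objects)
            checked["hardware"] = (now, self.reference["hardware"])
        hw_ok = all(n == r for n, r in checked.values())
        if p.sw_enabled and hw_ok:   # software check runs only after hardware passes
            now = measure(p.sw_algorithm, sw_contents, p.sw_files)
            checked["software"] = (now, self.reference["software"])
        if all(n == r for n, r in checked.values()):
            return False, None        # all consistent: wait for the next round
        self.untrusted_count += 1
        if self.untrusted_count < p.untrusted_threshold:
            return False, None        # inconsistent, but below the alarm threshold
        return True, render_report(checked)


# Constructed sample environment (stand-ins for real attribute values / files).
HW = {"boot_sector": b"\x33\xc0\x8e\xd0 bootcode", "bios_firmware": b"BIOS v1.02",
      "disk_serial": b"WD-WCC4N1234567"}
SW = {"/boot/vmlinuz": b"kernel image bytes", "/boot/config": b"CONFIG_MODULES=y\n"}


def demo():
    """Baseline, one clean round, then the provider swaps the disk."""
    mon = Monitor(Policy())
    mon.baseline(HW, SW)
    clean = mon.round(HW, SW)
    swapped = dict(HW, disk_serial=b"WD-WCC4N7654321")
    rounds = [mon.round(swapped, SW) for _ in range(mon.policy.untrusted_threshold)]
    return clean, rounds


if __name__ == "__main__":
    clean, rounds = demo()
    print("clean round:", clean)
    print(rounds[-1][1])
```

Two design points worth noticing: the hardware failure suppresses the software check, exactly as the patent orders it, so the report for a swapped disk carries a hardware row only; and because the counter is never reset, three misses spread over many clean rounds still trip the alarm, which is one reading of "gradually accumulate" and a policy choice to make explicitly.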
  • the cloud server monitoring method of this embodiment detects that a scheduled monitoring task exists, first performs the hardware trusted integrity check, then performs the software trusted integrity check once the hardware check passes; if both pass it waits for the next round, and if either fails it generates a hardware credibility report and/or a software credibility report and sends it to the user. The application can therefore monitor the cloud server on a schedule at both the hardware and the software level, reducing the risk of data leakage and improving the security of the user's data.
  • the second embodiment of the cloud server monitoring method in the embodiment of the present application includes:
  • the developer writes the name of the hardware object to be monitored in the hardware trusted integrity check strategy in advance, and stores the hardware trusted integrity check strategy in the device.
  • the hardware objects include the system boot sector, the BIOS firmware, the hard disk serial number, and so on.
  • the security chip, such as a Trusted Platform Module (TPM) or a Trusted Cryptography Module (TCM), is a device that can independently perform key generation, encryption and decryption. It has its own processor and storage inside, which can hold keys and characteristic data.
  • TPM Trusted Platform Module
  • TCM Trusted Cryptography Module
  • the TCM is a trusted security module jointly launched by Great Wall, ZTE and other companies. Because the trusted security chip protects what it stores, this solution uses such chips to hold the hardware environment reference value and/or the software environment reference value. The solution does not limit the type of trusted chip; this embodiment uses a TPM chip as the example.
  • the device obtains the hardware credible integrity check strategy preset by the developer.
  • the attribute value of the corresponding hardware in the cloud server with the TPM chip is obtained.
  • the hard disk serial number is abbreviated SN.
  • the hard disk manufacturer assigns each hard disk a code that distinguishes it from other hard disk products; the code is unique and immutable. To read it on Linux, first read the /etc/mtab file to find the mounted device files, then use the ioctl system call on the device file to obtain the drive's identification data, and extract the corresponding attribute from it: that is the serial number of the hard disk in the current server.
  • the attribute values of other hardware, such as the boot sector and the BIOS firmware, are obtained in a similar manner. Since these techniques are mature, they are not repeated one by one here.
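The serial-number read described above, as an added Python example that is not the patent's own code. It parses /etc/mtab (the /proc/mounts format), maps a partition to its whole-disk node with a simple naming rule (an assumption; it covers sdX/vdX, nvme and mmcblk names only, not device-mapper paths), and issues HDIO_GET_IDENTITY (0x030d, from linux/hdreg.h), whose 512-byte struct hd_driveid carries the 20-byte serial_no field at offset 20. The ioctl needs root, is answered for ATA disks driven by libata and typically fails with ENOTTY on virtio or NVMe disks, and some drivers hand back the ATA identify strings with the two bytes of each 16-bit word swapped, hence the swap_words switch: compare the result with `hdparm -I` on the same machine before trusting it. The mtab text and identify buffer used by the stand-alone run are constructed.

```python
"""Added example, not the patent's code: hard disk serial number via /etc/mtab
and the HDIO_GET_IDENTITY ioctl.

Assumptions: Linux, root, an ATA disk driven by libata; the partition-to-disk
naming rule in whole_disk() is a simplification."""
import fcntl
import os
import re

HDIO_GET_IDENTITY = 0x030d           # linux/hdreg.h
HD_DRIVEID_SIZE = 512                # sizeof(struct hd_driveid)
SERIAL_OFFSET, SERIAL_LEN = 20, 20   # struct hd_driveid: unsigned char serial_no[20]


def mounted_block_devices(mtab_text: str) -> list:
    """Return the /dev/* sources from /etc/mtab (or /proc/mounts) in order,
    without duplicates. Pseudo-filesystems (proc, sysfs, tmpfs...) are skipped."""
    devices = []
    for line in mtab_text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0].startswith("/dev/") and fields[0] not in devices:
            devices.append(fields[0])
    return devices


def whole_disk(device: str) -> str:
    """Map a partition node to its disk node: /dev/sda1 -> /dev/sda,
    /dev/nvme0n1p2 -> /dev/nvme0n1 (assumption: these naming schemes only)."""
    name = os.path.basename(device)
    if name.startswith(("nvme", "mmcblk")):
        name = re.sub(r"p\d+$", "", name)
    else:
        name = re.sub(r"\d+$", "", name)
    return os.path.join(os.path.dirname(device), name)


def swap_pairs(raw: bytes) -> bytes:
    """Apply (or undo) the per-16-bit-word byte swap of ATA identify strings."""
    return b"".join(raw[i + 1:i + 2] + raw[i:i + 1] for i in range(0, len(raw), 2))


def serial_from_driveid(buf: bytes, swap_words: bool = False) -> str:
    """Extract serial_no from a struct hd_driveid image."""
    if len(buf) != HD_DRIVEID_SIZE:
        raise ValueError(f"expected {HD_DRIVEID_SIZE}-byte hd_driveid, got {len(buf)}")
    raw = buf[SERIAL_OFFSET:SERIAL_OFFSET + SERIAL_LEN]
    if swap_words:
        raw = swap_pairs(raw)
    return raw.decode("ascii", errors="replace").strip(" \0")


def disk_serial(device: str, swap_words: bool = False) -> str:
    """Issue HDIO_GET_IDENTITY on the whole-disk node. Needs root; raises OSError
    (ENOTTY) on drivers that do not implement it, e.g. virtio-blk or NVMe."""
    buf = bytearray(HD_DRIVEID_SIZE)
    fd = os.open(whole_disk(device), os.O_RDONLY | os.O_NONBLOCK)
    try:
        fcntl.ioctl(fd, HDIO_GET_IDENTITY, buf, True)   # True: write into buf
    finally:
        os.close(fd)
    return serial_from_driveid(bytes(buf), swap_words)


def disk_serials_from_mtab(mtab_text: str) -> dict:
    """Serial per mounted disk; an unreadable disk is reported, not skipped silently,
    because a monitoring value that quietly drops a disk would still 'match'."""
    result = {}
    for dev in mounted_block_devices(mtab_text):
        disk = whole_disk(dev)
        if disk in result:
            continue
        try:
            result[disk] = disk_serial(dev)
        except OSError as exc:
            result[disk] = f"<unavailable: {exc.strerror}>"
    return result


# Constructed data for the stand-alone run (no root needed).
SAMPLE_MTAB = (
    "sysfs /sys sysfs rw,nosuid 0 0\n"
    "/dev/sda1 / ext4 rw,relatime 0 0\n"
    "/dev/sda1 /var/lib/docker ext4 rw,relatime 0 0\n"
    "/dev/nvme0n1p2 /home ext4 rw,relatime 0 0\n"
)
SAMPLE_DRIVEID = bytearray(HD_DRIVEID_SIZE)
SAMPLE_DRIVEID[SERIAL_OFFSET:SERIAL_OFFSET + SERIAL_LEN] = b"WD-WCC4N1234567".ljust(SERIAL_LEN)

if __name__ == "__main__":
    print(mounted_block_devices(SAMPLE_MTAB))
    print(serial_from_driveid(bytes(SAMPLE_DRIVEID)))
    try:
        print(disk_serials_from_mtab(open("/etc/mtab").read()))
    except OSError as exc:
        print("live read failed:", exc)
```

On current distributions /etc/mtab is a symlink to /proc/self/mounts, so the same parser works on either. The caveat that matters for this patent's threat model: the serial number is whatever the provider's firmware or hypervisor reports, and a virtualised disk can be replaced while presenting the old serial, so this attribute detects an honest swap rather than an adversarial one. Only a measurement recorded by the TPM itself is rooted outside the software that reports it.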
  • the measurement algorithm commonly used to measure the hardware information and software information of the server is the hash algorithm.
  • the hash algorithms supported by trusted security chips include SHA-256, SM3, and others. Since SHA-256 is the standard algorithm of the TPM, this embodiment uses SHA-256 as the first measurement algorithm to measure hardware attribute values.
  • NV space: the non-volatile storage (NVRAM) inside the trusted chip.
  • NVRAM Non-Volatile Random Access Memory
  • NVRAM keeps its contents when power is removed, so they are not easily lost.
  • the NVRAM is used to store the hardware environment reference value and the software environment reference value.
  • the TPM can maintain a static chain of trust.
  • the static chain of trust is built from measurements taken after the platform is powered on and recorded in the platform configuration registers (PCRs).
  • in the text's notation, the first register holds the BIOS measurement: the attribute value is A and its hash is B; the second register is extended with the platform configuration, whose value is B.
  • (A+B) is taken as a whole and measured with the first measurement algorithm to obtain the hash value C. This mirrors the TPM extend operation, in which a register's new value is the hash of its old value concatenated with the new measurement, so the final register value depends on every measurement and on their order.
  • the data stored in the PCRs is stored in the NV space at the same time.
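The extend operation and the static chain of trust from the bullets above, as an added Python example that is not the patent's code. Reading the text's (A+B) -> C as the TPM extend rule PCR_new = H(PCR_old || measurement) is the editor's interpretation, and the BIOS, boot-sector and option-ROM events are constructed stand-ins. The example shows that replaying an event log reproduces the stored register value, that order matters, and that a single changed component changes the final value and can be named in the report.

```python
"""Added example, not the patent's code: PCR-style extend and event-log replay.

Assumption: the text's (A+B) -> C is the TPM extend rule
    C = H(A || B), with A the register's old value and B the new measurement.
The components below are constructed stand-ins for real firmware images."""
import hashlib


def extend(pcr: bytes, measurement: bytes, algorithm: str = "sha256") -> bytes:
    """One extend: the register's new value is H(old value || measurement)."""
    return hashlib.new(algorithm, pcr + measurement).digest()


def replay(event_digests, algorithm: str = "sha256") -> bytes:
    """Recompute a register from power-on: it starts at all zero bytes and
    every logged measurement is extended into it in order."""
    pcr = bytes(hashlib.new(algorithm).digest_size)
    for digest in event_digests:
        pcr = extend(pcr, digest, algorithm)
    return pcr


def event_log(components: dict, algorithm: str = "sha256") -> list:
    """Measure each component's bytes into an ordered (name, digest) log."""
    return [(name, hashlib.new(algorithm, data).digest()) for name, data in components.items()]


def verify_chain(log, stored_pcr: bytes, algorithm: str = "sha256") -> bool:
    """The monitoring comparison: does the log replay to the reference value
    held in the register / NV space?"""
    return replay([d for _, d in log], algorithm) == stored_pcr


def first_divergence(log, reference_log):
    """When the chain does not match, name the first component whose digest
    differs; this is what the credibility report should point the user at."""
    for (name, digest), (_, ref) in zip(log, reference_log):
        if digest != ref:
            return name
    return None


# Constructed boot-time components.
BASELINE = {
    "bios_firmware": b"BIOS v1.02",
    "boot_sector": b"\x33\xc0\x8e\xd0 bootcode",
    "option_rom": b"NIC option ROM",
}


def demo():
    ref_log = event_log(BASELINE)
    reference_pcr = replay([d for _, d in ref_log])        # value kept in NV space
    ok = verify_chain(event_log(BASELINE), reference_pcr)
    tampered = dict(BASELINE, boot_sector=b"\x33\xc0\x8e\xd0 bootkit")
    bad_log = event_log(tampered)
    return ok, verify_chain(bad_log, reference_pcr), first_divergence(bad_log, ref_log)


if __name__ == "__main__":
    print(demo())
```

A hash that software on the host computes and then compares with a value the same software reads back is only as trustworthy as that software. The hardware-rooted form of this check is a TPM quote over the register, signed by a key that never leaves the chip, which the user's verifier can check without trusting the host.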
  • the hardware environment reference value may also be stored in a node of a blockchain.
  • the device obtains the cloud server verification strategy configuration parameters selected by the server leasing user, where these parameters include enabling or disabling the software trusted integrity verification strategy and enabling or disabling the hardware trusted integrity verification strategy;
  • the operating system kernel is the first layer of software on the device and one of the core components of the whole operating system and device. Because the kernel may be attacked by buffer overflows, direct memory access from peripherals, and so on, the operating system can enter an unexpected state, which makes the entire software environment untrustworthy. This solution therefore provides a trusted integrity check strategy at the software level.
  • once the hardware environment reference value has been recorded, the server can be put on the shelf for rental to provide cloud services.
  • an option box first pops up so that the user can select the cloud server verification policy configuration parameters.
  • the cloud server verification strategy configuration parameters include turning the software trusted integrity verification strategy on or off, and turning the hardware trusted integrity verification strategy on or off.
  • the user can likewise choose whether to run the hardware trusted integrity check. Some users, when they begin, care most about the integrity of the hardware environment before use, so this gives users more monitoring options.
  • if the software check is enabled, the specific software trusted integrity check policy configuration parameters pop up next, such as the type of the second measurement algorithm, which files need to be measured, the monitoring period, and so on.
  • the software file most often chosen for measurement is a kernel file of the operating system. The text names the kernel build configuration, .config, which Ubuntu installs as /boot/config-<version>; the kernel image itself is /boot/vmlinuz-<version>, and a check meant to catch kernel tampering should measure the image, not only the configuration.
  • the second measurement algorithm is again SHA-256. SHA-256 is computed over the contents of the file found at the obtained filePath (not over the path string itself, which never changes when the file does) to obtain the hash value corresponding to .config; this is the software environment reference value.
  • the software environment reference value may also be stored in a node of a blockchain and/or in the trusted chip.
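File measurement for the software check, as an added Python example that is not the patent's code. It hashes file contents in chunks (a kernel image is tens of megabytes), measures a list of files into a per-file manifest so the report can name the file that changed, and contrasts that with hashing the path string, which is what the sentence above literally describes and which misses every modification. The files are constructed in a temporary directory as stand-ins for /boot/vmlinuz-<version> and /boot/config-<version>.

```python
"""Added example, not the patent's code: the software environment value as a
digest of file CONTENTS, with per-file verdicts for the credibility report.

Assumption: the measured files are constructed stand-ins in a temp directory."""
import hashlib
import os
import tempfile

CHUNK = 1 << 20   # 1 MiB reads: kernel images are large, do not slurp them


def measure_file(path: str, algorithm: str = "sha256") -> str:
    """Second measurement algorithm applied to the bytes of the file."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def measure_path_string(path: str, algorithm: str = "sha256") -> str:
    """The mistake to avoid: hashing the path text. It is constant however
    often the file behind it is replaced."""
    return hashlib.new(algorithm, path.encode()).hexdigest()


def measure_software(paths, algorithm: str = "sha256") -> dict:
    """Manifest {path: digest}. A file that has disappeared is recorded as None
    rather than raising, so the round still produces a report."""
    manifest = {}
    for p in paths:
        try:
            manifest[p] = measure_file(p, algorithm)
        except FileNotFoundError:
            manifest[p] = None
    return manifest


def check_software(reference: dict, current: dict) -> dict:
    """Per-file verdict for the report: True = credible. A missing file is
    not credible, since its reference digest cannot be reproduced."""
    return {p: current.get(p) == ref for p, ref in reference.items()}


def demo():
    """Baseline two files, append an implant to the 'kernel', re-measure."""
    with tempfile.TemporaryDirectory() as d:
        kernel = os.path.join(d, "vmlinuz-5.15.0")   # stand-in for /boot/vmlinuz-*
        config = os.path.join(d, "config-5.15.0")    # stand-in for /boot/config-*
        with open(kernel, "wb") as f:
            f.write(b"\x7fELF" + os.urandom(3 * CHUNK))   # > one chunk: exercises the loop
        with open(config, "w") as f:
            f.write("CONFIG_MODULES=y\nCONFIG_MODULE_SIG=y\n")
        reference = measure_software([kernel, config])
        path_reference = measure_path_string(kernel)

        with open(kernel, "ab") as f:                     # modification in place
            f.write(b"\x90" * 16)
        current = measure_software([kernel, config])
        verdict = check_software(reference, current)
        return {
            "content_check_detects": not verdict[kernel],
            "config_still_credible": verdict[config],
            "path_check_detects": measure_path_string(kernel) != path_reference,
            "missing_file_credible": check_software(reference, {})[config],
        }


if __name__ == "__main__":
    print(demo())
```

The manifest shape also fits the patent's report template directly: each (path, monitoring digest, reference digest) triple becomes one row judged credible or not.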
  • the blockchain referred to in this application is a new application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms and cryptographic algorithms.
  • a blockchain is essentially a decentralized database: a chain of data blocks linked by cryptographic methods. Each block contains a batch of network transactions and is used to verify the validity of the information (tamper evidence) and to generate the next block.
  • the blockchain can include the underlying blockchain platform, the platform product service layer, and the application service layer.
  • the hardware environment reference value is obtained according to the preset hardware trusted integrity check strategy, so that a complete measurement of the hardware environment is taken before the user starts using the cloud server.
  • this embodiment also lets the user freely choose whether to enable the hardware trusted integrity check strategy and the software trusted integrity check strategy. If the user enables the software trusted integrity verification strategy, the device obtains the software environment reference value according to the selected cloud server verification strategy configuration parameters and starts the monitoring service.
  • the software environment reference value and the hardware environment reference value in this solution are stored in the trusted security chip and/or on the blockchain, where both are better protected; this reduces the risk of tampering and improves the credibility of later verification results.
  • the third embodiment of the cloud server monitoring method in the embodiment of the present application includes:
  • if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, the environment may have changed. In practice, however, false alarms are possible. To be rigorous, a threshold on the number of untrusted results can therefore be set when the user selects the cloud server verification policy configuration parameters; each inconsistent check adds 1 to the untrusted count, which accumulates. Note that the same threshold also delays a genuine alarm by threshold minus one monitoring cycles.
  • the current untrusted count is compared with the preset threshold to judge whether the threshold has been reached.
  • the developer writes the credibility report template into the device in advance.
  • the credibility report template includes a title, string names (in this embodiment, the hardware environment monitoring value and the hardware environment reference value), the writing rule for each string name, the judgment result, and so on. If the current cloud server meets the alarm condition, the credibility report template is obtained and filled in.
  • the credibility report also judges each pair of hardware (software) environment monitoring value and hardware (software) environment reference value: a consistent pair is marked credible and an inconsistent pair is marked not credible, so that the user can quickly locate the hardware or software in question.
  • the hardware credibility report and/or the software credibility report is sent to the server rental user.
  • an alarm message is also sent to the user.
  • this embodiment describes and supplements the alarm process within the monitoring process.
  • a threshold on the number of untrusted results is set, and an alarm is issued only when the untrusted count reaches the threshold.
  • when the credibility report contains inconsistent hardware (software) environment monitoring values and hardware (software) environment reference values, a text message reminder is also sent after the report has been sent to the user's mailbox.
  • the fourth embodiment of the cloud server monitoring method in the embodiment of the present application includes:
  • this application also provides a solution for updating the cloud server verification strategy.
  • when the cloud server verification strategy configuration parameters are updated, the hardware trusted integrity verification strategy and/or the software trusted integrity verification strategy is updated accordingly. The updatable configuration parameters include the measurement algorithm, the names of the software to be measured, the monitoring period, and so on.
  • the hardware environment reference value and/or the software environment reference value then also need to be recomputed according to the updated hardware trusted integrity check strategy and/or software trusted integrity check strategy, and the reference value in the NV space updated.
  • this embodiment provides a solution for updating the hardware trusted integrity check strategy and/or the software trusted integrity check strategy.
  • when the strategy is updated, the hardware environment reference value and/or the software environment reference value is updated as well.
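A policy update with the re-baselining the bullets above require, as an added Python example that is not the patent's code. NvSpace is an in-memory stand-in for the TPM NV index, `contents` is a constructed snapshot of the measured files, and the two gates (the request must be authorised by the renting user, and the host must still pass the check under the existing policy before a new reference is written) are the editor's additions: without the second, updating the policy on an already-tampered host would record the tampered state as the trusted reference.

```python
"""Added example, not the patent's code: updating the software trusted integrity
check strategy and refreshing the reference value in NV space.

Assumptions: NvSpace is an in-memory stand-in for the TPM NV index; contents is
a constructed {file name: bytes} snapshot; the authorised flag stands in for
whatever proves the request came from the renting user, not from the host."""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class SoftwarePolicy:
    algorithm: str        # second measurement algorithm, e.g. "sha256"
    files: tuple          # names of the software to be measured, in order
    period_seconds: int   # monitoring period


def measure(policy: SoftwarePolicy, contents: dict) -> str:
    """Software environment value under a given policy."""
    h = hashlib.new(policy.algorithm)
    for name in policy.files:
        h.update(name.encode() + b"\0" + contents[name] + b"\0")
    return h.hexdigest()


class NvSpace:
    """Holds the active policy and the reference value computed under it."""
    def __init__(self):
        self.policy = None
        self.reference = None


class PolicyUpdateRejected(Exception):
    pass


def update_policy(nv: NvSpace, new_policy: SoftwarePolicy, contents: dict,
                  authorised: bool) -> str:
    """Install new_policy and recompute the reference value in NV space.

    Gate 1: only the renting user may change what is monitored.
    Gate 2: the host must still pass the check under the OLD policy; otherwise
    re-baselining would silently bless an environment that already changed."""
    if not authorised:
        raise PolicyUpdateRejected("policy update not authorised by the rental user")
    if nv.policy is not None and measure(nv.policy, contents) != nv.reference:
        raise PolicyUpdateRejected(
            "environment fails the current check; refusing to re-baseline")
    nv.policy = new_policy
    nv.reference = measure(new_policy, contents)
    return nv.reference


def check(nv: NvSpace, contents: dict) -> bool:
    """The regular monitoring comparison under whatever policy is active."""
    return measure(nv.policy, contents) == nv.reference


# Constructed file snapshot.
FILES = {"vmlinuz": b"kernel image bytes", "config": b"CONFIG_MODULES=y\n"}


def demo():
    nv = NvSpace()
    initial = SoftwarePolicy("sha256", ("vmlinuz",), period_seconds=3600)
    update_policy(nv, initial, FILES, authorised=True)
    wider = SoftwarePolicy("sha256", ("vmlinuz", "config"), period_seconds=600)
    update_policy(nv, wider, FILES, authorised=True)        # legitimate widening
    tampered = dict(FILES, vmlinuz=b"kernel image bytes+implant")
    try:
        update_policy(nv, initial, tampered, authorised=True)  # must not re-baseline
        rejected = False
    except PolicyUpdateRejected:
        rejected = True
    return nv.policy == wider, check(nv, FILES), check(nv, tampered), rejected


if __name__ == "__main__":
    print(demo())
```

Changing the measurement algorithm or the file list necessarily changes the reference value, so an update is indistinguishable from tampering unless it is tied to the old reference in this way; a rejected update should itself be reported to the user, since a request to re-baseline a failing host is worth knowing about.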
  • the cloud server monitoring method in the embodiment of the present application is described above, and the cloud server monitoring device in the embodiment of the present application is described below.
  • the first embodiment of the cloud server monitoring device in the embodiment of the present application includes:
  • the detection module 501 is used to detect whether there is currently a cloud server scheduled monitoring task;
  • the verification module 502 is configured to trigger execution of the cloud server hardware trusted integrity check and/or the cloud server software trusted integrity check if there is currently a cloud server scheduled monitoring task;
  • the verification module 502 includes:
  • the hardware verification unit 5021 is configured to perform the cloud server hardware trusted integrity verification, which specifically includes: generating a hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity verification strategy, and judging whether the hardware environment monitoring value is consistent with the preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
  • the software verification unit 5022 is used to perform the cloud server software trusted integrity verification, which specifically includes: generating a software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity verification strategy, and judging whether the software environment monitoring value is consistent with the preset software environment reference value;
  • the standby module 503 is configured to wait for the next round of scheduled monitoring tasks if the hardware environment monitoring value is consistent with the hardware environment reference value, and/or if the software environment monitoring value is consistent with the preset software environment reference value;
  • the judgment module 504 is configured to judge whether the current cloud server meets the preset alarm condition if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value;
  • the alarm module 505 is configured to generate a hardware credibility report and/or a software credibility report corresponding to the current cloud server if the alarm condition is met, and send it to the corresponding cloud server rental user.
  • in this cloud server monitoring method, the existence of a scheduled monitoring task is detected first; the hardware trusted integrity check is then performed and, if it passes, the software trusted integrity check is performed; if both pass, the device waits for the next monitoring round. If a check fails, a hardware credibility report and/or a software credibility report is generated and sent to the user. This application can therefore implement scheduled monitoring of the cloud server at both the hardware environment and software environment levels, thereby reducing the risk of data leakage and improving the security of the user's data.
  • the second embodiment of the cloud server monitoring device in the embodiment of the present application includes the detection module 501, the verification module 502 (with the hardware verification unit 5021 and the software verification unit 5022), the standby module 503, the judgment module 504 and the alarm module 505 as described in the first embodiment, and further includes the following:
  • a hardware measurement module 506 is arranged before the detection module 501; the hardware environment reference value is stored in the blockchain and/or the NV space of a preset trusted security chip, and the hardware measurement module 506 is specifically used for:
  • calculating the attribute values of the hardware according to the first measurement algorithm specified in the hardware trusted integrity check policy, to obtain the hardware environment reference value of the hardware.
  • the hardware measurement module 506 is further connected with a software measurement module 507; the software environment reference value is stored in the blockchain and/or the NV space of a preset trusted security chip, and the software measurement module 507 is specifically used for:
  • calculating the software files according to the second measurement algorithm specified in the software trusted integrity verification strategy, to obtain the software environment reference value.
  • the cloud server verification policy configuration parameters further include enabling or disabling the hardware trusted integrity verification policy.
  • the judgment module 504 is specifically configured to:
  • the alarm module 505 is specifically configured to:
  • send the alarm report to the corresponding server rental user and send the preset alarm short message to the server rental user.
  • the cloud server monitoring device further includes an update module 508, and the update module 508 is specifically configured to:
  • update the hardware trusted integrity verification strategy and/or the software trusted integrity verification strategy according to the updated cloud server verification strategy configuration parameters, and generate the corresponding hardware update value and/or software update value;
  • replace the corresponding hardware environment reference value and/or software environment reference value with the hardware update value and/or software update value respectively.
  • this embodiment also lets the user freely choose whether to enable the hardware trusted integrity check strategy or the software trusted integrity check strategy. If the user chooses to enable the software trusted integrity verification strategy, the software environment reference value is obtained according to the user's selected cloud server verification strategy configuration parameters and the monitoring service is started.
  • the software environment reference value and the hardware environment reference value in this solution are stored in the trusted security chip and the blockchain, where both can be better protected, thereby reducing the risk of tampering and improving the credibility of the subsequent verification results.
  • a threshold for the number of untrusted results is set; an alarm is issued only when the number of untrusted results reaches the threshold.
  • a solution is provided for updating the hardware trusted integrity check strategy and/or the software trusted integrity check strategy.
  • FIGS 5 and 6 above describe the cloud server monitoring device in the embodiment of the present application in detail from the perspective of modular functional entities, and the following describes the cloud server monitoring device in the embodiment of the present application in detail from the perspective of hardware processing.
  • FIG. 7 is a schematic structural diagram of a cloud server monitoring device provided by an embodiment of the present application.
  • the cloud server monitoring device 700 may differ considerably depending on its configuration or performance, and may include one or more processors (central processing units, CPU) 710, a memory 720 and one or more storage media 730 (for example, one or more storage devices).
  • the memory 720 and the storage medium 730 may be short-term storage or persistent storage.
  • the program stored in the storage medium 730 may include one or more modules (not shown in the figure), and each module may include a series of instruction operations on the cloud server monitoring device 700.
  • the processor 710 may be configured to communicate with the storage medium 730, and execute a series of instruction operations in the storage medium 730 on the cloud server monitoring device 700.
  • the cloud server monitoring device 700 may also include one or more power supplies 730, one or more wired or wireless network interfaces 750, one or more input and output interfaces 760, and/or one or more operating systems 731, such as Windows Server, Mac OS X, Unix, Linux, FreeBSD, etc.
  • the structure shown in FIG. 7 does not constitute a limitation on the cloud server monitoring device, which may include more or fewer components than shown in the figure, a combination of certain components, or a different arrangement of components.
  • the computer-readable storage medium may be a non-volatile computer-readable storage medium, and the computer-readable storage medium may also be a volatile computer-readable storage medium.
  • the computer-readable storage medium stores instructions, and when the instructions run on a computer, the computer executes the steps of the cloud server monitoring method.
  • the computer-readable storage medium may mainly include a storage program area and a storage data area, where the storage program area may store an operating system, an application program required by at least one function, etc., and the storage data area may store data created according to the use of the nodes, etc.
  • the blockchain referred to in this application is a new application mode of computer technology such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithm.
  • a blockchain is essentially a decentralized database: a chain of data blocks linked by cryptographic methods. Each data block contains a batch of network transaction information, which is used to verify the validity (anti-counterfeiting) of the information and to generate the next block.
  • the blockchain can include the underlying platform of the blockchain, the platform product service layer, and the application service layer.
  • if the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium.
  • the technical solution of the present application, in essence or in the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product; the computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present application.
  • the aforementioned storage media include: USB flash drives, removable hard disks, read-only memory (ROM), random access memory (RAM), magnetic disks, optical disks and other media that can store program code.

Abstract

The present application relates to the field of artificial intelligence. Disclosed are a cloud server monitoring method, apparatus and device, and a storage medium. The cloud server monitoring method comprises: detecting whether there is currently a cloud server scheduled monitoring task; if there is, obtaining a corresponding hardware environment monitoring value and/or software environment monitoring value according to a preset hardware trusted integrity verification policy and/or software trusted integrity verification policy, respectively determining whether those values are consistent with a hardware environment reference value and/or a software environment reference value, and if not consistent, determining whether the current cloud server meets a preset alarm condition; and if the alarm condition is met, generating a hardware credibility report and/or a software credibility report and sending it to the corresponding user. The solution enables a user to carry out security monitoring of a cloud server, so as to guarantee the security of data on the cloud server. In addition, the present application also relates to blockchain technology: the hardware environment reference value and/or the software environment reference value can be stored in a blockchain.

Description

Cloud server monitoring method, apparatus, device and storage medium
This application claims priority to the Chinese patent application filed with the Chinese Patent Office on June 16, 2020, application number 202010547614.7, entitled "Cloud server monitoring method, apparatus, device and storage medium", the entire content of which is incorporated herein by reference.
Technical field
The present invention relates to the field of logic programming in artificial intelligence, and in particular to a cloud server monitoring method, apparatus, device and storage medium.
Background art
With the development of the Internet, more and more companies need to build servers to provide online services to the outside world. For small and medium-sized users, however, the cost of buying, building and maintaining servers is too high, and cloud servers came into being as a result. Simply put, the cloud service provider that offers the cloud server is responsible for purchasing the hardware and providing basic Internet services such as computing, storage and online backup, while the user only needs to perform system deployment, software configuration and operation and maintenance on the provider's server through a connection interface, or can even hand these over entirely to the provider. This reduces the user's expenditure on online services and improves service efficiency.
However, the inventor realized that because the user semi-hosts, or even fully hosts, the service with the cloud service provider, the user may not learn of problems such as information leakage or environmental damage that occur while the service is running. For example, when a cloud service provider finds that a server's hard disk has failed, it will replace the original hard disk with a backup hard disk. If commercial secrets are stored on that hard disk, there is a serious risk of data leakage. Therefore, there is an urgent need for a mechanism that effectively monitors the environmental integrity of cloud servers, so as to reduce the possibility of risks arising in the course of providing cloud services.
Summary of the invention
The main purpose of the present application is to solve the problem that users cannot monitor the environmental integrity of a cloud server.
A first aspect of the present application provides a cloud server monitoring method, including:
detecting whether there is currently a cloud server scheduled monitoring task;
if there is currently a cloud server scheduled monitoring task, triggering execution of a cloud server hardware trusted integrity check and/or a cloud server software trusted integrity check;
wherein the cloud server hardware trusted integrity check includes: generating a hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity check strategy, and judging whether the hardware environment monitoring value is consistent with a preset hardware environment reference value;
if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
wherein the cloud server software trusted integrity check includes: generating a software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity check strategy, and judging whether the software environment monitoring value is consistent with a preset software environment reference value;
if the hardware environment monitoring value is consistent with the hardware environment reference value, and/or if the software environment monitoring value is consistent with the preset software environment reference value, waiting to enter the next round of scheduled monitoring tasks;
if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, judging whether the current cloud server meets a preset alarm condition;
if the alarm condition is met, generating a hardware credibility report and/or a software credibility report corresponding to the current cloud server and sending it to the corresponding cloud server rental user.
A second aspect of the present application provides a cloud server monitoring device, including a memory, a processor, and a cloud server monitoring program stored in the memory and runnable on the processor, the processor implementing the following steps when executing the cloud server monitoring program:
detecting whether there is currently a cloud server scheduled monitoring task;
if there is currently a cloud server scheduled monitoring task, triggering execution of a cloud server hardware trusted integrity check and/or a cloud server software trusted integrity check;
wherein the cloud server hardware trusted integrity check includes: generating a hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity check strategy, and judging whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
wherein the cloud server software trusted integrity check includes: generating a software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity check strategy, and judging whether the software environment monitoring value is consistent with a preset software environment reference value;
if the hardware environment monitoring value is consistent with the hardware environment reference value, and/or if the software environment monitoring value is consistent with the preset software environment reference value, waiting to enter the next round of scheduled monitoring tasks;
if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, judging whether the current cloud server meets a preset alarm condition;
if the alarm condition is met, generating a hardware credibility report and/or a software credibility report corresponding to the current cloud server and sending it to the corresponding cloud server rental user.
A third aspect of the present application provides a computer-readable storage medium storing computer instructions which, when run on a computer, cause the computer to execute the following steps:
detecting whether there is currently a cloud server scheduled monitoring task;
if there is currently a cloud server scheduled monitoring task, triggering execution of a cloud server hardware trusted integrity check and/or a cloud server software trusted integrity check;
wherein the cloud server hardware trusted integrity check includes: generating a hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity check strategy, and judging whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
wherein the cloud server software trusted integrity check includes: generating a software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity check strategy, and judging whether the software environment monitoring value is consistent with a preset software environment reference value;
if the hardware environment monitoring value is consistent with the hardware environment reference value, and/or if the software environment monitoring value is consistent with the preset software environment reference value, waiting to enter the next round of scheduled monitoring tasks;
if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, judging whether the current cloud server meets a preset alarm condition;
if the alarm condition is met, generating a hardware credibility report and/or a software credibility report corresponding to the current cloud server and sending it to the corresponding cloud server rental user.
A fourth aspect of the present application provides a cloud server monitoring apparatus, including:
a detection module, used to detect whether there is currently a cloud server scheduled monitoring task;
a verification module, used to trigger execution of the cloud server hardware trusted integrity check if there is currently a cloud server scheduled monitoring task;
wherein the verification module includes:
a hardware verification unit, used to perform the cloud server hardware trusted integrity check, which specifically includes: generating a hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity check strategy, and judging whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
a software verification unit, used to perform the cloud server software trusted integrity check, which specifically includes: generating a software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity check strategy, and judging whether the software environment monitoring value is consistent with a preset software environment reference value;
a standby module, used to wait to enter the next round of scheduled monitoring tasks if the hardware environment monitoring value is consistent with the hardware environment reference value, and/or if the software environment monitoring value is consistent with the preset software environment reference value;
a judgment module, used to judge whether the current cloud server meets a preset alarm condition if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value;
an alarm module, used to generate a hardware credibility report and/or a software credibility report corresponding to the current cloud server if the alarm condition is met, and send it to the corresponding cloud server rental user.
In the solution of the present application, it is first detected whether a scheduled monitoring task exists; if it does, a hardware trusted integrity check is performed to judge whether the hardware environment of the current cloud server is intact, and after it passes, a software trusted integrity check is performed to judge whether the software environment of the current cloud server is intact. If both pass, the method waits for the next monitoring round; if a check fails, a hardware credibility report and/or a software credibility report is generated and sent to the user. The present application can therefore implement scheduled monitoring of the cloud server at both the hardware environment and software environment levels, thereby reducing the risk of data leakage and improving the security of the user's data. In addition, because the hardware/software environment integrity check is built on trusted preset hardware/software environment reference values, this solution stores the hardware/software environment reference values in the NV space of a trusted chip or on the blockchain in order to guarantee their credibility. To improve the flexibility of monitoring, the hardware/software trusted integrity check strategies that the present application provides to the user are all freely selectable and updatable. Furthermore, to guarantee the rigor of monitoring, the present application is set to issue a hardware credibility report and/or a software credibility report only when the number of untrusted results found by monitoring reaches a certain threshold.
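The two-stage check, the alarm threshold and the strategy update described above, modelled in Python as an added example (not code from the application or its applicant). Hardware attribute values and software file contents are constructed byte strings, a plain dictionary stands in for the NV space of the trusted chip or the blockchain, and the parameter names and the reset of the untrusted count on a clean round or a new baseline are assumptions.

```python
"""Added example modelling the application's two-stage trusted integrity
check: hardware first, software only after hardware passes, an alarm only
when the untrusted count reaches a threshold, and reference values that are
regenerated when the verification strategy parameters are updated."""
import hashlib
from dataclasses import dataclass


@dataclass
class CheckPolicy:
    """Cloud server verification strategy configuration parameters (assumed names)."""
    hw_enabled: bool = True                       # enable/disable the hardware strategy
    sw_enabled: bool = True
    hw_algorithm: str = "sha256"                  # first measurement algorithm
    sw_algorithm: str = "sha256"                  # second measurement algorithm
    measured_software: tuple = ("sshd", "nginx")  # names of the software to measure
    alarm_threshold: int = 3                      # untrusted count that triggers an alarm


def measure(algorithm: str, items: dict) -> str:
    """Fold (name, bytes) pairs in a fixed order into one digest, so the
    result depends only on the content, not on dictionary order."""
    h = hashlib.new(algorithm)
    for name, data in sorted(items.items()):
        h.update(name.encode())
        h.update(b"\0")
        h.update(data)
        h.update(b"\0")
    return h.hexdigest()


def hardware_measurement(policy: CheckPolicy, hw_attrs: dict) -> str:
    """Hardware environment value: digest of the hardware attribute values."""
    return measure(policy.hw_algorithm, hw_attrs)


def software_measurement(policy: CheckPolicy, sw_files: dict) -> str:
    """Software environment value: digest of only the software named in the policy."""
    subset = {n: sw_files[n] for n in policy.measured_software if n in sw_files}
    return measure(policy.sw_algorithm, subset)


class Monitor:
    def __init__(self, policy: CheckPolicy, hw_attrs: dict, sw_files: dict):
        self.reference = {}       # stands in for the trusted chip NV space / blockchain
        self.untrusted_count = 0
        self.update_policy(policy, hw_attrs, sw_files)

    def update_policy(self, policy: CheckPolicy, hw_attrs: dict, sw_files: dict):
        """Update module: new parameters, then regenerated reference values
        (the 'hardware/software update values') replace the stored ones."""
        self.policy = policy
        self.reference = {}
        self.untrusted_count = 0  # assumption: a new baseline restarts the count
        if policy.hw_enabled:
            self.reference["hw"] = hardware_measurement(policy, hw_attrs)
        if policy.sw_enabled:
            self.reference["sw"] = software_measurement(policy, sw_files)

    def run_round(self, hw_attrs: dict, sw_files: dict):
        """One scheduled monitoring task. Returns (status, report) where status
        is 'trusted', 'untrusted' (below the threshold) or 'alarm'."""
        p, failed = self.policy, []
        if p.hw_enabled and hardware_measurement(p, hw_attrs) != self.reference["hw"]:
            failed.append("hardware")
        # The software check is triggered only when the hardware check passed
        # (or is disabled); a hardware mismatch ends the round immediately.
        if p.sw_enabled and not failed:
            if software_measurement(p, sw_files) != self.reference["sw"]:
                failed.append("software")
        if not failed:
            self.untrusted_count = 0  # assumption: a clean round resets the count
            return "trusted", None
        self.untrusted_count += 1
        if self.untrusted_count < p.alarm_threshold:
            return "untrusted", None
        report = {"failed": failed, "untrusted_count": self.untrusted_count}
        return "alarm", report


if __name__ == "__main__":
    # Constructed sample inputs: hardware attribute values and software file contents.
    hw = {"cpu_id": b"CPU-CONSTRUCTED-01", "disk_serial": b"DISK-CONSTRUCTED-01"}
    sw = {"sshd": b"sshd-binary-v1", "nginx": b"nginx-binary-v1"}
    m = Monitor(CheckPolicy(), hw, sw)
    print(m.run_round(hw, sw))                              # ('trusted', None)
    swapped = dict(hw, disk_serial=b"DISK-CONSTRUCTED-02")  # the disk was replaced
    for _ in range(3):
        print(m.run_round(swapped, sw))                     # untrusted, untrusted, alarm
```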
Description of the drawings
FIG. 1 is a schematic diagram of a first embodiment of the cloud server monitoring method in an embodiment of the present application;
FIG. 2-1 is a schematic diagram of the hardware/software trusted integrity check strategy configuration part of a second embodiment of the cloud server monitoring method in an embodiment of the present application;
FIG. 2-2 is a schematic diagram of the monitoring of the cloud server in the second embodiment of the cloud server monitoring method in an embodiment of the present application;
FIG. 3 is a schematic diagram of a third embodiment of the cloud server monitoring method in an embodiment of the present application;
FIG. 4 is a schematic diagram of a fourth embodiment of the cloud server monitoring method in an embodiment of the present application;
FIG. 5 is a schematic diagram of a first embodiment of the cloud server monitoring apparatus in an embodiment of the present application;
FIG. 6 is a schematic diagram of a second embodiment of the cloud server monitoring apparatus in an embodiment of the present application;
FIG. 7 is a schematic diagram of an embodiment of the cloud server monitoring device in an embodiment of the present application.
具体实施方式Detailed ways
The embodiments of this application provide a cloud server monitoring method, apparatus, device and storage medium. In the solution of this application, it is first detected whether a scheduled monitoring task exists; if so, a hardware trusted integrity verification is performed to determine whether the hardware environment of the current cloud server is intact. Once that passes, a software trusted integrity verification is performed to determine whether the software environment of the current cloud server is intact. If both pass, the apparatus waits for the next monitoring round; if either fails, a hardware trusted report and/or a software trusted report is generated and sent to the user. This application can therefore implement scheduled monitoring of the cloud server at both the hardware environment and software environment levels, reducing the risk of data leakage and improving the security of the user's data.
The terms "first", "second", "third", "fourth", etc. (if any) in the description, the claims and the above drawings of this application are used to distinguish similar objects and need not describe a particular order or sequence. It should be understood that data so used are interchangeable where appropriate, so that the embodiments described here can be implemented in an order other than that illustrated or described here. In addition, the terms "including" or "having" and any variations thereof are intended to cover non-exclusive inclusion; for example, a process, method, system, product or device that includes a series of steps or units is not necessarily limited to the steps or units expressly listed, but may include other steps or units that are not expressly listed or that are inherent to the process, method, product or device.
For ease of understanding, the specific flow of the embodiments of this application is described below. Referring to FIG. 1, the first embodiment of the cloud server monitoring method in the embodiments of this application includes:
101. Detect whether a cloud server scheduled monitoring task currently exists;
It is understood that the executing entity of this application may be a cloud server monitoring apparatus, or a terminal or server, etc., which is not specifically limited here. The embodiments of this application take the cloud server monitoring apparatus as the executing entity by way of example.
In this embodiment, the apparatus holds a cloud server verification policy preset by the cloud server leasing user. The verification policy includes a monitoring period; once every monitoring period, a monitoring task for the cloud server is initiated. Therefore, while the apparatus is running, it detects whether a cloud server scheduled monitoring task currently exists.
102. If a cloud server scheduled monitoring task currently exists, trigger execution of the cloud server hardware trusted integrity verification and/or the cloud server software trusted integrity verification;
Wherein the cloud server hardware trusted integrity verification includes:
generating, according to a preset hardware trusted integrity verification policy, a hardware environment monitoring value corresponding to the current cloud server, and judging whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity verification;
Wherein the cloud server software trusted integrity verification includes: generating, according to a preset software trusted integrity verification policy, a software environment monitoring value corresponding to the current cloud server, and judging whether the software environment monitoring value is consistent with a preset software environment reference value;
In this embodiment, the developer presets the hardware trusted integrity verification policy in the apparatus. Before the cloud server is leased, the apparatus first obtains the attribute values of the hardware specified in the hardware trusted integrity verification policy, then computes over those attribute values with the first metric algorithm specified in the policy to obtain the hardware environment reference value. To protect the reliability of the hardware environment reference value, this solution preferably stores it in a trusted security chip or on a blockchain.
The first metric algorithm is then applied to the attribute values of the hardware of the current cloud server to obtain the corresponding hardware environment monitoring value, which is compared with the hardware environment reference value.
If the hardware environment monitoring value is consistent with the hardware environment reference value, the hardware environment of the current cloud server is intact, and the cloud server software trusted integrity verification is performed next.
When a cloud server leasing user first starts using the cloud server, the cloud server verification policy configuration parameters selected by that user are collected, including the software trusted integrity verification policy. This policy includes a second metric algorithm and the designated software names. On the first run, the software file corresponding to each designated software name is obtained, and the corresponding software environment monitoring value is then obtained with the second metric algorithm.
103. If the hardware environment monitoring value is consistent with the hardware environment reference value, and/or if the software environment monitoring value is consistent with the preset software environment reference value, wait for the next round of the scheduled monitoring task;
If the software environment monitoring value is consistent with the software environment reference value, the current software environment is intact, so the apparatus waits for the next round of the scheduled monitoring task.
104. If the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, judge whether the current cloud server meets a preset alarm condition;
If the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, the current cloud server may be at risk. To improve the rigor of the monitoring and avoid erroneous warnings caused by false positives, every inconsistent result is counted, and the current cloud server is judged to meet the preset alarm condition only when the count reaches a preset threshold.
105. If the alarm condition is met, generate a hardware trusted report and/or a software trusted report corresponding to the current cloud server and send it to the corresponding cloud server leasing user.
If the alarm condition is met, a preset report template is obtained, and the inconsistent hardware/software environment monitoring values and hardware/software environment reference values are written into the report template to obtain the hardware trusted report and/or software trusted report, which is then sent to the corresponding cloud server leasing user.
The embodiments of this application provide a cloud server monitoring method: when a scheduled monitoring task is detected, a hardware trusted integrity verification is performed first, and once it passes, a software trusted integrity verification is performed; if both pass, the apparatus waits for the next round. If either fails, a hardware trusted report and/or a software trusted report is generated and sent to the user. This application can therefore implement scheduled monitoring of the cloud server at both the hardware environment and software environment levels, reducing the risk of data leakage and improving the security of the user's data.
Referring to FIG. 2-1 and FIG. 2-2, the second embodiment of the cloud server monitoring method in the embodiments of this application includes:
201. Obtain a preset hardware trusted integrity verification policy;
The developer writes the names of the hardware objects to be monitored into the hardware trusted integrity verification policy in advance and stores that policy in the apparatus. In this embodiment, the hardware names include the system boot sector, the BIOS firmware, the hard disk serial number, and so on.
A security chip, also called a trusted platform module, is a component that can independently perform key generation, encryption and decryption; it has its own processor and storage unit and can store keys and characteristic data. Two kinds of trusted security chip are in common use: the TPM (Trusted Platform Module) security chip, meaning a trusted security chip conforming to the TPM specification, mainly produced by foreign manufacturers; and the TCM (Trusted Cryptography Module), launched jointly by Great Wall, ZTE and other companies. Because of the cryptographic protection a trusted security chip provides, this solution uses such chips to store the hardware environment reference value and/or the software environment reference value. This solution does not limit the type of trusted chip used; this embodiment takes a TPM chip as the example.
When the TPM chip is installed in a cloud server that needs to be monitored, the apparatus obtains the hardware trusted integrity verification policy preset by the developer.
202. Obtain, according to the hardware names specified in the hardware trusted integrity verification policy, the attribute values of the corresponding hardware in the current cloud server;
According to the hardware names specified in the hardware trusted integrity verification policy, the attribute values of the corresponding hardware in the cloud server fitted with the TPM chip are obtained. The hard disk serial number (Hard Disk Serial Number) serves as a brief illustration. The hard disk serial number, abbreviated SN, is a code the hard disk manufacturer assigns to distinguish its hard disk products; it is unique and immutable. The /etc/mtab file is read first to find the mounted device file, then the ioctl system call is used to obtain the information of that device file, and the corresponding attribute value, which is the hard disk serial number of the current server, is extracted from that information. The attribute values corresponding to hardware such as the boot sector and the BIOS firmware can be obtained in a similar way; since these techniques are mature, they are not described one by one.
203. Compute over the attribute values of the hardware according to the first metric algorithm specified in the hardware trusted integrity verification policy to obtain the hardware environment reference value of the hardware, wherein the hardware environment reference value is stored on a blockchain and/or in the NV space of a preset trusted security chip;
The metric algorithm currently most often used to measure a server's hardware information and software information is a hash algorithm. The hash algorithms currently supported by trusted security chips include SHA256, SM3 and others. Since SHA256 is the TPM's standard algorithm, this embodiment uses SHA256 as the first metric algorithm to measure the hardware attribute values.
SHA256 is one of the algorithms of the SHA-2 family; it converts a string or file of any length into a 256-bit hash value. SHA256 hashing is available in common programming languages such as Python and Java. Taking Python as an example, the SHA256 algorithm is included in Python's built-in hash library hashlib. The hashlib library is imported first, and x=hashlib.sha256() selects the SHA256 algorithm and assigns it to the variable x corresponding to the first metric algorithm. The first metric algorithm is then applied to the SN obtained, taking 123 as an example, and the resulting hardware environment reference value corresponding to the SN is "a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3".
To ensure that the hardware environment reference value is neither maliciously tampered with nor lost, it is imported into the NV space of the trusted security chip. NV space (Non-Volatile Random Access Memory), also abbreviated NVRAM, retains its contents. In this embodiment, the NVRAM stores the hardware environment reference value and the software environment reference value.
The TPM can maintain a static chain of trust, which is used for measurement after the platform is powered on. The chain of trust contains multiple PCRs (Platform Configuration Registers). For example, the first stores the BIOS, with attribute value A and hash value B; the second extends the platform configuration with attribute value B; at that point (A+B) is taken as a whole and measured with the first metric algorithm to obtain hash value C. The data stored in the PCRs is also stored in the NV space. Since the data on the TPM is encrypted, it is strongly protected and monitored, which increases the trustworthiness of the hardware environment reference value and the software environment reference value and improves the accuracy of the environment integrity verification. It should be emphasised that, to further ensure the privacy and security of the hardware environment reference value, it may also be stored in a node of a blockchain.
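As an added illustration of steps 202 and 203 and of the register extension just described (example code written for this page, not the applicant's implementation): it computes the SHA256 reference value of each hardware attribute with hashlib, reproduces the value the text gives for SN 123, and folds the individual measurements into one register-style digest in the manner of a PCR extend. The hardware names and the attribute values other than the SN are constructed sample data; a real apparatus would read them from the platform and keep the reference table in the TPM's NV space, which this offline example replaces with a Python dictionary.

```python
import hashlib

# Constructed sample attribute values (only the SN "123" comes from the text).
SAMPLE_HARDWARE = {
    "boot_sector": "constructed-boot-sector-image",
    "bios_firmware": "constructed-bios-firmware-image",
    "hard_disk_sn": "123",
}


def measure(attribute_value: str) -> str:
    """First metric algorithm: SHA256 over one attribute value, as a hex string."""
    x = hashlib.sha256()            # x is the first metric algorithm, as in the text
    x.update(attribute_value.encode("utf-8"))
    return x.hexdigest()


def build_reference(hardware: dict) -> dict:
    """Per-hardware reference values, computed once before the server is leased.
    A real apparatus would keep this table in the TPM's NV space."""
    return {name: measure(value) for name, value in hardware.items()}


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """Register-style extend: new value = SHA256(previous value || measurement).
    This is the (A+B) -> C step of the text, with A the register content so far
    and B the new measurement; a TPM's PCR extend operation has the same shape."""
    return hashlib.sha256(pcr + measurement).digest()


def aggregate(hardware: dict) -> str:
    """Fold all measurements into one register-style digest in a fixed order, so a
    single value summarises the hardware environment and any change to any
    attribute alters it."""
    pcr = bytes(32)                 # registers start zeroed at power-on
    for name in sorted(hardware):
        pcr = pcr_extend(pcr, bytes.fromhex(measure(hardware[name])))
    return pcr.hex()


def verify(reference: dict, reference_digest: str, hardware: dict) -> dict:
    """Monitoring step: re-measure the hardware, list which attributes differ from
    their reference values, and check whether the aggregate digest still matches."""
    monitored = build_reference(hardware)
    changed = sorted(n for n in reference if monitored.get(n) != reference[n])
    return {"changed": changed,
            "aggregate_ok": aggregate(hardware) == reference_digest}
```

Keeping both the per-attribute table and the aggregate digest is a deliberate choice: the aggregate is the value a TPM can protect and quote, while the per-attribute table is what makes the later trusted report able to name the specific hardware that changed.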
204. Obtain the cloud server verification policy configuration parameters selected by the server leasing user, wherein the cloud server verification policy configuration parameters include enabling or disabling the software trusted integrity verification policy and enabling or disabling the hardware trusted integrity verification policy;
The operating system kernel is the first layer of software on the device and one of the core components of the whole operating system and device. While running, the kernel may be subjected to attacks such as buffer overflows and direct-memory-access peripheral attacks that put the operating system into an unexpected state and make the whole software environment untrustworthy. This solution therefore provides a trusted integrity verification policy at the software level.
After the hardware environment reference value has been written into the preset trusted security chip, the server can be listed for leasing and provide cloud services. When a server leasing user starts the cloud server, an option box is first displayed so that the user can select the cloud server verification policy configuration parameters. These include enabling or disabling the software trusted integrity verification policy and enabling or disabling the hardware trusted integrity verification policy.
In addition, within the hardware trusted integrity verification policy the user can also choose whether to carry out the hardware trusted integrity verification. Some users, when they start using the server, may be more concerned with the integrity of the hardware environment before use; this gives users more monitoring options.
205. When the software trusted integrity verification policy is enabled, start the cloud server scheduled monitoring task according to the cloud server verification policy configuration parameters;
When the user chooses to enable the software trusted integrity verification policy, the specific configuration parameters of that policy are displayed, such as the type of the second metric algorithm, which files need to be measured, the monitoring period, and so on. The software files most commonly measured are the operating system's kernel files; in Ubuntu, for example, the kernel file is named .config.
206. Obtain, according to the software names specified in the software trusted integrity verification policy, the corresponding software files in the current cloud server;
The default save path of the ".config" file, "/usr/src/linux-headers-VERSION-generic/.config", is assigned to String filePath, thereby obtaining the software file corresponding to the file name in the software list.
207. Compute over the software file according to the second metric algorithm specified in the software trusted integrity verification policy to obtain the software environment reference value, wherein the hardware environment reference value is stored on a blockchain and/or in the NV space of a preset trusted security chip;
In this embodiment, the second metric algorithm is again SHA256. SHA256 is computed over the file obtained via String filePath to obtain the hash value corresponding to ".config", which is the software environment reference value.
It should be emphasised that, to further ensure the privacy and security of the software environment reference value, it may also be stored in a node of a blockchain and/or in a blockchain.
208. Detect whether a cloud server scheduled monitoring task currently exists;
209. If a cloud server scheduled monitoring task currently exists, trigger execution of the cloud server hardware trusted integrity verification and/or the cloud server software trusted integrity verification;
Wherein the cloud server hardware trusted integrity verification includes: generating, according to a preset hardware trusted integrity verification policy, a hardware environment monitoring value corresponding to the current cloud server, and judging whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity verification;
Wherein the cloud server software trusted integrity verification includes: generating, according to a preset software trusted integrity verification policy, a software environment monitoring value corresponding to the current cloud server, and judging whether the software environment monitoring value is consistent with a preset software environment reference value;
210. If the hardware environment monitoring value is consistent with the hardware environment reference value, and/or if the software environment monitoring value is consistent with the preset software environment reference value, wait for the next round of the scheduled monitoring task;
211. If the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, judge whether the current cloud server meets a preset alarm condition;
212. If the alarm condition is met, generate a hardware trusted report and/or a software trusted report corresponding to the current cloud server and send it to the corresponding cloud server leasing user.
The blockchain referred to in this application is a new application mode of computer technologies such as distributed data storage, peer-to-peer transmission, consensus mechanisms and encryption algorithms. A blockchain is essentially a decentralised database: a chain of data blocks linked by cryptographic methods, where each block contains the information of a batch of network transactions and is used to verify the validity of that information (anti-counterfeiting) and to generate the next block. A blockchain can include the underlying blockchain platform, a platform product service layer and an application service layer.
In the embodiments of this application, before monitoring begins, the hardware environment reference value is obtained according to the preset hardware trusted integrity verification policy, so that the user can obtain a complete measurement of the hardware environment before starting to use the cloud server. This embodiment also lets the user freely choose whether to enable the hardware trusted integrity verification policy or the software trusted integrity verification policy. If the user enables the software trusted integrity verification policy, the software environment reference value is obtained according to the selected cloud server verification policy configuration parameters and the monitoring service is started. Because the software environment reference value and the hardware environment reference value are stored in the trusted security chip and on the blockchain, both are better protected, which reduces the risk of tampering and improves the trustworthiness of later verification results.
Referring to FIG. 3, the third embodiment of the cloud server monitoring method in the embodiments of this application includes:
301. Detect whether a cloud server scheduled monitoring task currently exists;
302. If a cloud server scheduled monitoring task currently exists, trigger execution of the cloud server hardware trusted integrity verification and/or the cloud server software trusted integrity verification;
Wherein the cloud server hardware trusted integrity verification includes: generating, according to a preset hardware trusted integrity verification policy, a hardware environment monitoring value corresponding to the current cloud server, and judging whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity verification;
Wherein the cloud server software trusted integrity verification includes: generating, according to a preset software trusted integrity verification policy, a software environment monitoring value corresponding to the current cloud server, and judging whether the software environment monitoring value is consistent with a preset software environment reference value;
303. If the hardware environment monitoring value is consistent with the hardware environment reference value, and/or if the software environment monitoring value is consistent with the preset software environment reference value, wait for the next round of the scheduled monitoring task;
304. If the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, increase a preset untrusted count by 1;
If the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, the environment may have changed. In practice, however, false positives are possible, so to ensure rigor an untrusted count threshold can be set when the user selects the cloud server verification policy configuration parameters. Each occurrence adds 1 to the untrusted count, which accumulates gradually.
305. Judge whether the current untrusted count reaches a preset untrusted count threshold;
Each time the untrusted count is increased, the current untrusted count is compared with the preset untrusted count threshold to judge whether the threshold has been reached.
306. If the increased untrusted count reaches the preset untrusted count threshold, determine that the current cloud server meets the alarm condition;
307. If the current cloud server meets the alarm condition, obtain a preset trusted report template;
The developer writes the trusted report template into the apparatus in advance. The trusted report template contains a title, string names (in this embodiment, the hardware environment monitoring value and the hardware environment reference value), the writing rule corresponding to each string name, the judgement result, and so on. If the current cloud server meets the alarm condition, this trusted report template is obtained.
308. Write the hardware environment monitoring value and the hardware environment reference value, or the software environment monitoring value and the software environment reference value, into the report template to obtain the hardware trusted report and/or software trusted report;
According to the writing rule corresponding to each string name, the inconsistent hardware environment monitoring value and hardware environment reference value, or the software environment monitoring value and software environment reference value, are written into the trusted report template to obtain the hardware trusted report and/or software trusted report.
In addition, the trusted alarm report gives a judgement for each pair of hardware (software) environment monitoring value and hardware (software) environment reference value: a consistent pair is judged trusted and an inconsistent pair is judged untrusted, so that the user can quickly locate the problematic hardware or software.
309. Send the hardware trusted report and/or software trusted report and a preset alarm text message to the server leasing user according to a preset e-mail address and a preset phone number.
Finally, the hardware trusted report and/or software trusted report is sent to the server leasing user at the preset e-mail address. At the same time, to speed up the server leasing user's response, an alarm text message is also sent.
This embodiment describes and supplements the alarm process within the monitoring process. On the one hand, to ensure the rigor of the monitoring results and reduce false alarms, an untrusted count threshold is set, and an alarm is raised only when the untrusted count reaches the threshold. On the other hand, to help the server leasing user quickly locate untrusted hardware or software, the trusted report lists the inconsistent hardware (software) environment monitoring values and hardware (software) environment reference values, and after the trusted report is sent to the mailbox a text message reminder is also sent.
Referring to FIG. 4, the fourth embodiment of the cloud server monitoring method in the embodiments of the present application includes:
401. Detect whether a cloud server scheduled monitoring task currently exists;
402. If a cloud server scheduled monitoring task currently exists, trigger execution of the cloud server hardware trusted integrity check and/or the cloud server software trusted integrity check;
Wherein the cloud server hardware trusted integrity check includes: generating the hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity check policy, and judging whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
Wherein the cloud server software trusted integrity check includes: generating the software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity check policy, and judging whether the software environment monitoring value is consistent with a preset software environment reference value;
403. If the hardware environment monitoring value is consistent with the hardware environment reference value, and/or the software environment monitoring value is consistent with the preset software environment reference value, wait for the next round of the scheduled monitoring task;
404. If the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, judge whether the current cloud server meets a preset alarm condition;
405. If the alarm condition is met, generate the hardware trusted report and/or software trusted report corresponding to the current cloud server and send it to the corresponding cloud server leasing user;
406. Obtain the cloud server check policy configuration parameters updated by the server leasing user;
Hardware replacement, software updates and patch installation are inevitable while the cloud server provides cloud services. Therefore, to make monitoring more flexible, the present application also provides a scheme for updating the cloud server check policy.
First, the cloud server check policy configuration parameters updated by the server leasing user are obtained.
407. According to the updated cloud server check policy configuration parameters, update the hardware trusted integrity check policy and/or the software trusted integrity check policy;
Then, according to the updated cloud server check policy configuration parameters, the hardware trusted integrity check policy and/or software trusted integrity check policy is updated. The cloud server check policy configuration parameters that can be updated include the measurement algorithm, the names of the software to be measured, the monitoring period, and so on.
408. According to the updated hardware trusted integrity check policy and/or software trusted integrity check policy, update the hardware environment reference value and/or the software environment reference value.
Since the hardware trusted integrity check policy and/or software trusted integrity check policy has changed, the hardware environment reference value and/or software environment reference value stored in the NV space must also be updated according to the updated hardware trusted integrity check policy and/or software trusted integrity check policy.
In this embodiment, to improve the flexibility of cloud server monitoring, a scheme for updating the hardware trusted integrity check policy and/or software trusted integrity check policy is provided. In addition, when the policy is updated, the hardware environment reference value and/or software environment reference value is updated as well.
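The monitoring round, untrusted-count threshold and trusted-report generation of steps 307 to 309 and 401 to 405, together with the policy update and reference-value regeneration of steps 406 to 408, as an added Python example; this is not code from the patent or its applicant. The hardware attribute values, the software file contents, SHA-256 and SHA-1 as the first and second measurement algorithms, the per-item digests, and the in-memory `nv_store` dictionary standing in for the trusted security chip's NV space or the blockchain are all assumptions made for the example.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample inputs standing in for a real server's hardware attribute
# values and software files; none of these values come from the patent.
HARDWARE_ATTRIBUTES = {
    "cpu": "ModelX 8-core",
    "nic": "mac=02:00:00:00:00:01",
    "disk": "serial=DISK0001",
}
SOFTWARE_FILES = {
    "/usr/sbin/sshd": b"sshd-binary-v1",
    "/etc/ssh/sshd_config": b"PermitRootLogin no\n",
}

# Measurement algorithms a policy may name (assumption: the patent leaves the choice open).
ALGORITHMS = {"sha256": hashlib.sha256, "sha1": hashlib.sha1}


@dataclass
class CheckPolicy:
    """Hardware/software trusted integrity check policy with its configurable parameters."""
    hardware_names: List[str]            # hardware to measure
    software_names: List[str]            # software files to measure
    hardware_algorithm: str = "sha256"   # the "first measurement algorithm"
    software_algorithm: str = "sha256"   # the "second measurement algorithm"
    period_seconds: int = 3600           # monitoring period
    untrusted_threshold: int = 3         # alarm only once this many untrusted rounds accumulate


def measure(names: List[str], source: Dict[str, object], algorithm: str) -> Dict[str, str]:
    """One digest per named item, so a report can point at the exact item that changed."""
    digest = ALGORITHMS[algorithm]
    values = {}
    for name in names:
        raw = source[name]
        data = raw if isinstance(raw, bytes) else str(raw).encode()
        values[name] = digest(data).hexdigest()
    return values


def build_report(kind: str, monitored: Dict[str, str], reference: Dict[str, str]) -> dict:
    """Trusted report: every (monitoring value, reference value) pair with its judgment."""
    items = [{"name": n, "monitoring_value": monitored.get(n), "reference_value": r,
              "judgment": "trusted" if monitored.get(n) == r else "untrusted"}
             for n, r in reference.items()]
    return {"title": f"{kind} trusted report", "items": items}


class CloudServerMonitor:
    """Round-based checker; nv_store simulates the NV space / blockchain holding reference values."""

    def __init__(self, policy: CheckPolicy, hardware: Dict[str, str], software: Dict[str, bytes]):
        self.policy = policy
        self.untrusted_count = 0
        self.nv_store: Dict[str, Dict[str, str]] = {}
        self._set_reference_values(hardware, software)

    def _set_reference_values(self, hardware, software):
        p = self.policy
        self.nv_store["hardware_reference"] = measure(p.hardware_names, hardware, p.hardware_algorithm)
        self.nv_store["software_reference"] = measure(p.software_names, software, p.software_algorithm)

    def run_round(self, hardware: Dict[str, str], software: Dict[str, bytes]) -> dict:
        """One scheduled monitoring round (steps 401-405): hardware check first, then software check."""
        p = self.policy
        hw_mon = measure(p.hardware_names, hardware, p.hardware_algorithm)
        hw_ok = hw_mon == self.nv_store["hardware_reference"]
        sw_mon: Optional[Dict[str, str]] = None
        sw_ok = False
        if hw_ok:  # the software check is triggered only after the hardware check passes
            sw_mon = measure(p.software_names, software, p.software_algorithm)
            sw_ok = sw_mon == self.nv_store["software_reference"]
        if hw_ok and sw_ok:
            return {"status": "trusted", "next_round_in": p.period_seconds}
        self.untrusted_count += 1  # inconsistent: add 1 to the untrusted count
        result = {"status": "untrusted", "untrusted_count": self.untrusted_count}
        if self.untrusted_count >= p.untrusted_threshold:  # alarm condition met
            result["status"] = "alarm"
            result["hardware_report"] = (None if hw_ok else
                                         build_report("hardware", hw_mon, self.nv_store["hardware_reference"]))
            result["software_report"] = (build_report("software", sw_mon, self.nv_store["software_reference"])
                                         if sw_mon is not None and not sw_ok else None)
            result["sms"] = "Cloud server integrity alarm: see the emailed trusted report"
        return result

    def update_policy(self, new_policy: CheckPolicy, hardware: Dict[str, str], software: Dict[str, bytes]):
        """Steps 406-408: apply updated policy parameters and regenerate the reference values in NV space."""
        self.policy = new_policy
        self._set_reference_values(hardware, software)


if __name__ == "__main__":
    policy = CheckPolicy(list(HARDWARE_ATTRIBUTES), list(SOFTWARE_FILES))
    monitor = CloudServerMonitor(policy, HARDWARE_ATTRIBUTES, SOFTWARE_FILES)
    tampered = dict(SOFTWARE_FILES, **{"/etc/ssh/sshd_config": b"PermitRootLogin yes\n"})
    for _ in range(policy.untrusted_threshold):
        print(monitor.run_round(HARDWARE_ATTRIBUTES, tampered)["status"])
```

Per-item digests rather than one combined digest are a design choice here: they let the report mark each pair trusted or untrusted as step 308 describes, at the cost of storing one reference value per measured item. The untrusted count is deliberately not reset on a policy update, since the page does not say whether an update clears it.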
The cloud server monitoring method in the embodiments of the present application has been described above; the cloud server monitoring apparatus in the embodiments of the present application is described below. Referring to FIG. 5, the first embodiment of the cloud server monitoring apparatus in the embodiments of the present application includes:
a detection module 501, configured to detect whether a cloud server scheduled monitoring task currently exists;
a check module 502, configured to trigger execution of the cloud server hardware trusted integrity check and/or the cloud server software trusted integrity check if a cloud server scheduled monitoring task currently exists;
wherein the check module 502 includes:
a hardware check unit 5021, configured to perform the cloud server hardware trusted integrity check, which specifically includes: generating the hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity check policy, and judging whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
a software check unit 5022, configured to perform the cloud server software trusted integrity check, which specifically includes: generating the software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity check policy, and judging whether the software environment monitoring value is consistent with a preset software environment reference value;
a standby module 503, configured to wait for the next round of the scheduled monitoring task if the hardware environment monitoring value is consistent with the hardware environment reference value, and/or the software environment monitoring value is consistent with the preset software environment reference value;
a judgment module 504, configured to judge whether the current cloud server meets a preset alarm condition if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value;
an alarm module 505, configured to generate the hardware trusted report and/or software trusted report corresponding to the current cloud server and send it to the corresponding cloud server leasing user if the alarm condition is met.
In the embodiments of the present application, a cloud server monitoring method is provided: when a scheduled monitoring task is detected, the hardware trusted integrity check is performed first; after it passes, the software trusted integrity check is performed; if both pass, the method waits for the next round. If a check fails, a hardware trusted report and/or software trusted report is generated and sent to the user. The present application can therefore monitor the cloud server on a schedule at both the hardware environment level and the software environment level, reducing the risk of data leakage and improving the security of the user's data.
Referring to FIG. 6, the second embodiment of the cloud server monitoring apparatus in the embodiments of the present application includes:
a detection module 501, configured to detect whether a cloud server scheduled monitoring task currently exists;
a check module 502, configured to trigger execution of the cloud server hardware trusted integrity check and/or the cloud server software trusted integrity check if a cloud server scheduled monitoring task currently exists;
wherein the check module 502 includes:
a hardware check unit 5021, configured to perform the cloud server hardware trusted integrity check, which specifically includes: generating the hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity check policy, and judging whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
a software check unit 5022, configured to perform the cloud server software trusted integrity check, which specifically includes: generating the software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity check policy, and judging whether the software environment monitoring value is consistent with a preset software environment reference value;
a standby module 503, configured to wait for the next round of the scheduled monitoring task if the hardware environment monitoring value is consistent with the hardware environment reference value, and/or the software environment monitoring value is consistent with the preset software environment reference value;
a judgment module 504, configured to judge whether the current cloud server meets a preset alarm condition if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value;
an alarm module 505, configured to generate the hardware trusted report and/or software trusted report corresponding to the current cloud server and send it to the corresponding cloud server leasing user if the alarm condition is met.
Wherein a hardware measurement module 506 precedes the detection module 501, the hardware environment reference value is stored in a blockchain and/or in the NV space of a preset trusted security chip, and the hardware measurement module 506 is specifically configured to:
obtain the preset hardware trusted integrity check policy;
obtain, according to the hardware name specified in the hardware trusted integrity check policy, the attribute value of the corresponding hardware in the current cloud server;
compute the attribute value of the hardware according to the first measurement algorithm specified in the hardware trusted integrity check policy to obtain the hardware environment reference value of the hardware.
Wherein a software measurement module 507 is further connected after the hardware measurement module 506, the software environment reference value is stored in a blockchain and/or in the NV space of a preset trusted security chip, and the software measurement module 507 is specifically configured to:
obtain the cloud server check policy configuration parameters selected by the server leasing user, wherein the cloud server check policy configuration parameters include enabling or disabling the software trusted integrity check policy;
when the software trusted integrity check policy is enabled, start the cloud server scheduled monitoring task according to the cloud server check policy configuration parameters;
obtain, according to the software name specified in the software trusted integrity check policy, the corresponding software file in the current cloud server;
compute the software file according to the second measurement algorithm specified in the software trusted integrity check policy to obtain the software environment reference value.
Optionally, the cloud server check policy configuration parameters further include enabling or disabling the hardware trusted integrity check policy.
Optionally, the judgment module 504 is specifically configured to:
if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, add 1 to a preset untrusted count;
judge whether the current untrusted count reaches a preset untrusted-count threshold;
if the incremented untrusted count reaches the preset untrusted-count threshold, determine that the current cloud server meets the alarm condition.
Optionally, the alarm module 505 is specifically configured to:
if the current cloud server meets the alarm condition, obtain a preset report template;
write the hardware environment monitoring value and the hardware environment reference value, or the software environment monitoring value and the software environment reference value, into the report template to obtain an alarm report;
according to a preset email address and a preset phone number, send the alarm report to the corresponding server leasing user and send a preset alarm SMS message to the server leasing user.
Wherein the cloud server monitoring apparatus further includes an update module 508, and the update module 508 is specifically configured to:
obtain the cloud server check policy configuration parameters updated by the server leasing user;
according to the updated cloud server check policy configuration parameters, update the hardware trusted integrity check policy and/or software trusted integrity check policy, and generate the corresponding hardware update value and/or software update value;
replace the corresponding hardware environment reference value and/or software environment reference value with the hardware update value and/or software update value respectively.
On the basis of the previous embodiment, this embodiment further lets the user freely choose whether to enable the hardware trusted integrity check policy or the software trusted integrity check policy. If the user chooses to enable the software trusted integrity check policy, the software environment reference value is obtained according to the cloud server check policy configuration parameters the user selected, and the monitoring service is started. Because in this scheme the software environment reference value and hardware environment reference value are stored in the trusted security chip and in the blockchain, both can be better protected, which reduces the risk of tampering and improves the trustworthiness of later check results. In addition, to keep the monitoring result rigorous and reduce false alarms, an untrusted-count threshold is set, and an alarm is raised only when the untrusted count reaches the threshold. Finally, to improve the flexibility of cloud server monitoring, a scheme for updating the hardware trusted integrity check policy and/or software trusted integrity check policy is provided.
FIG. 5 and FIG. 6 above describe the cloud server monitoring apparatus in the embodiments of the present application in detail from the perspective of modular functional entities; the cloud server monitoring device in the embodiments of the present application is described in detail below from the perspective of hardware processing.
FIG. 7 is a schematic structural diagram of a cloud server monitoring device provided by an embodiment of the present application. The cloud server monitoring device 700 may vary considerably with configuration or performance, and may include one or more processors (central processing units, CPU) 710 (for example, one or more processors), a memory 720, and one or more storage media 730 (for example, one or more mass storage devices) storing application programs 733 or data 732. The memory 720 and the storage medium 730 may be transient storage or persistent storage. The program stored in the storage medium 730 may include one or more modules (not shown in the figure), and each module may include a series of instruction operations on the cloud server monitoring device 700. Further, the processor 710 may be configured to communicate with the storage medium 730 and execute, on the cloud server monitoring device 700, the series of instruction operations in the storage medium 730.
The cloud server monitoring device 700 may also include one or more power supplies 730, one or more wired or wireless network interfaces 750, one or more input/output interfaces 760, and/or one or more operating systems 731, such as Windows Server, Mac OS X, Unix, Linux, FreeBSD, and so on. Those skilled in the art will understand that the structure of the cloud server monitoring device shown in FIG. 7 does not limit the cloud server monitoring device, which may include more or fewer components than shown, combine certain components, or arrange the components differently.
The present application further provides a computer-readable storage medium, which may be a non-volatile computer-readable storage medium or a volatile computer-readable storage medium. The computer-readable storage medium stores instructions which, when run on a computer, cause the computer to perform the steps of the cloud server monitoring method.
Further, the computer-readable storage medium may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required by at least one function, and so on; the data storage area may store data created by the use of blockchain nodes, and so on.
The blockchain referred to in the present application is a new application mode of computer technologies such as distributed data storage, peer-to-peer transmission, consensus mechanisms and encryption algorithms. A blockchain is essentially a decentralized database, a chain of data blocks linked by cryptographic methods; each data block contains a batch of network transaction information and is used to verify the validity of that information (anti-counterfeiting) and to generate the next block. A blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and so on.
Those skilled in the art can clearly understand that, for convenience and brevity of description, the specific working process of the system, apparatus and units described above may refer to the corresponding process in the foregoing method embodiments, and is not repeated here.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) to perform all or part of the steps of the methods described in the embodiments of the present application. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, or any other medium that can store program code.
The above embodiments are only intended to illustrate the technical solutions of the present application, not to limit them. Although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions recorded in the foregoing embodiments may still be modified, or some of their technical features may be equivalently replaced, and such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present application.

Claims (20)

  1. A cloud server monitoring method, wherein the cloud server monitoring method includes:
    detecting whether a cloud server scheduled monitoring task currently exists;
    if a cloud server scheduled monitoring task currently exists, triggering execution of a cloud server hardware trusted integrity check and/or a cloud server software trusted integrity check;
    wherein the cloud server hardware trusted integrity check includes: generating a hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity check policy, and judging whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
    wherein the cloud server software trusted integrity check includes: generating a software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity check policy, and judging whether the software environment monitoring value is consistent with a preset software environment reference value;
    if the hardware environment monitoring value is consistent with the hardware environment reference value, and/or the software environment monitoring value is consistent with the preset software environment reference value, waiting for the next round of the scheduled monitoring task;
    if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, judging whether the current cloud server meets a preset alarm condition;
    if the alarm condition is met, generating a hardware trusted report and/or software trusted report corresponding to the current cloud server and sending it to the corresponding cloud server leasing user.
  2. The cloud server monitoring method according to claim 1, wherein the hardware environment reference value is stored in a blockchain and/or in the NV space of a preset trusted security chip, and before the detecting whether a scheduled monitoring task currently exists, the method further includes:
    obtaining the preset hardware trusted integrity check policy;
    obtaining, according to the hardware name specified in the hardware trusted integrity check policy, the attribute value of the corresponding hardware in the current cloud server;
    computing the attribute value of the hardware according to the first measurement algorithm specified in the hardware trusted integrity check policy to obtain the hardware environment reference value of the hardware.
  3. The cloud server monitoring method according to claim 2, wherein the software environment reference value is stored in a blockchain and/or in the NV space of a preset trusted security chip, and after the computing the attribute value of the hardware according to the first measurement algorithm specified in the hardware trusted integrity check policy to obtain the hardware environment reference value of the hardware, the method further includes:
    obtaining cloud server check policy configuration parameters selected by the server leasing user, wherein the cloud server check policy configuration parameters include enabling or disabling the software trusted integrity check policy;
    when the software trusted integrity check policy is enabled, starting the cloud server scheduled monitoring task according to the cloud server check policy configuration parameters;
    obtaining, according to the software name specified in the software trusted integrity check policy, the corresponding software file in the current cloud server;
    computing the software file according to the second measurement algorithm specified in the software trusted integrity check policy to obtain the software environment reference value.
  4. The cloud server monitoring method according to claim 3, wherein the cloud server check policy configuration parameters further include enabling or disabling the hardware trusted integrity check policy.
  5. The cloud server monitoring method according to claim 1, wherein the judging whether the current cloud server meets a preset alarm condition if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, includes:
    if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, adding 1 to a preset untrusted count;
    judging whether the current untrusted count reaches a preset untrusted-count threshold;
    if the incremented untrusted count reaches the preset untrusted-count threshold, determining that the current cloud server meets the alarm condition.
  6. The cloud server monitoring method according to claim 1, wherein the generating a hardware trusted report and/or software trusted report corresponding to the current cloud server and sending it to the corresponding cloud server leasing user if the alarm condition is met includes:
    if the current cloud server meets the alarm condition, obtaining a preset trusted report template;
    writing the hardware environment monitoring value and the hardware environment reference value, or the software environment monitoring value and the software environment reference value, into the report template to obtain the hardware trusted report and/or software trusted report;
    根据预置邮件地址和预置电话号码,将所述硬件可信报告和/或软件可信报告和预置报警短信发送至所述服务器租赁用户。According to a preset email address and a preset phone number, the hardware credibility report and/or the software credibility report and the preset alarm message are sent to the server rental user.
  7. 根据权利要求1-6中任一项所述的云服务器监控方法,其中,所述云服务器监控方法还包括:The cloud server monitoring method according to any one of claims 1-6, wherein the cloud server monitoring method further comprises:
    获取所述服务器租赁用户更新后的云服务器校验策略配置参数;Obtaining the updated cloud server verification policy configuration parameters of the server rental user;
    根据更新后的云服务器校验策略配置参数,对所述硬件可行完整性校验策略和/或软件可行完整性校验策略进行更新;According to the updated cloud server verification strategy configuration parameters, update the hardware feasible integrity verification strategy and/or the software feasible integrity verification strategy;
    根据更新后的硬件可行完整性校验策略和/或软件可行完整性校验策略,对所述硬件环境基准值和/或所述软件环境基准值进行更新。The hardware environment reference value and/or the software environment reference value are updated according to the updated hardware feasible integrity check strategy and/or software feasible integrity check strategy.
  8. A cloud server monitoring device, wherein the cloud server monitoring device comprises a memory, a processor, and a cloud server monitoring program stored on the memory and runnable on the processor, and the processor, when executing the cloud server monitoring program, implements the following steps:
    detecting whether a cloud server scheduled monitoring task currently exists;
    if a cloud server scheduled monitoring task currently exists, triggering execution of a cloud server hardware trusted integrity check and/or a cloud server software trusted integrity check;
    wherein the cloud server hardware trusted integrity check comprises: generating a hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity check policy, and determining whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
    wherein the cloud server software trusted integrity check comprises: generating a software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity check policy, and determining whether the software environment monitoring value is consistent with a preset software environment reference value;
    if the hardware environment monitoring value is consistent with the hardware environment reference value, and/or the software environment monitoring value is consistent with the preset software environment reference value, waiting for the next round of the scheduled monitoring task;
    if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, determining whether the current cloud server meets a preset alarm condition;
    if the alarm condition is met, generating a hardware trust report and/or software trust report corresponding to the current cloud server and sending it to the corresponding cloud server leasing user.
  9. The cloud server monitoring device according to claim 8, wherein the hardware environment reference value is stored in a blockchain and/or in the NV space of a preset trusted security chip, and the processor, when executing the cloud server monitoring program, further implements the following steps before detecting whether a scheduled monitoring task currently exists:
    obtaining the preset hardware trusted integrity check policy;
    obtaining the attribute values of the corresponding hardware on the current cloud server according to the hardware names specified in the hardware trusted integrity check policy;
    computing the attribute values of the hardware with the first measurement algorithm specified in the hardware trusted integrity check policy, to obtain the hardware environment reference value of the hardware.
  10. The cloud server monitoring device according to claim 9, wherein the software environment reference value is stored in a blockchain and/or in the NV space of a preset trusted security chip, and the processor, when executing the cloud server monitoring program, further implements the following steps after computing the attribute values of the hardware with the first measurement algorithm specified in the hardware trusted integrity check policy to obtain the hardware environment reference value of the hardware:
    obtaining the cloud server check policy configuration parameters selected by the server leasing user, wherein the cloud server check policy configuration parameters include enabling or disabling the software trusted integrity check policy;
    when the software trusted integrity check policy is enabled, starting the cloud server scheduled monitoring task according to the cloud server check policy configuration parameters;
    obtaining the corresponding software files on the current cloud server according to the software names specified in the software trusted integrity check policy;
    computing the software files with the second measurement algorithm specified in the software trusted integrity check policy, to obtain the software environment reference value.
  11. The cloud server monitoring device according to claim 10, wherein, when the processor executes the cloud server monitoring program, the cloud server check policy configuration parameters further include enabling or disabling the hardware trusted integrity check policy.
  12. The cloud server monitoring device according to claim 8, wherein, when the processor executes the cloud server monitoring program to determine whether the current cloud server meets the preset alarm condition if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, the following steps are performed:
    if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, incrementing a preset untrusted count by 1;
    determining whether the current untrusted count has reached a preset untrusted count threshold;
    if the incremented untrusted count has reached the preset untrusted count threshold, determining that the current cloud server meets the alarm condition.
  13. The cloud server monitoring device according to claim 8, wherein, when the processor executes the cloud server monitoring program to generate the hardware trust report and/or software trust report corresponding to the current cloud server and send it to the corresponding cloud server leasing user if the alarm condition is met, the following steps are performed:
    if the current cloud server meets the alarm condition, obtaining a preset trust report template;
    writing the hardware environment monitoring value and the hardware environment reference value, or the software environment monitoring value and the software environment reference value, into the report template to obtain the hardware trust report and/or the software trust report;
    sending the hardware trust report and/or software trust report together with a preset alarm SMS message to the server leasing user according to a preset e-mail address and a preset telephone number.
  14. The cloud server monitoring device according to any one of claims 8 to 13, wherein the processor, when executing the cloud server monitoring program, further implements the following steps:
    obtaining the updated cloud server check policy configuration parameters of the server leasing user;
    updating the hardware trusted integrity check policy and/or the software trusted integrity check policy according to the updated cloud server check policy configuration parameters;
    updating the hardware environment reference value and/or the software environment reference value according to the updated hardware trusted integrity check policy and/or software trusted integrity check policy.
  15. A computer-readable storage medium storing computer instructions which, when run on a computer, cause the computer to perform the following steps:
    detecting whether a cloud server scheduled monitoring task currently exists;
    if a cloud server scheduled monitoring task currently exists, triggering execution of a cloud server hardware trusted integrity check and/or a cloud server software trusted integrity check;
    wherein the cloud server hardware trusted integrity check comprises: generating a hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity check policy, and determining whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
    wherein the cloud server software trusted integrity check comprises: generating a software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity check policy, and determining whether the software environment monitoring value is consistent with a preset software environment reference value;
    if the hardware environment monitoring value is consistent with the hardware environment reference value, and/or the software environment monitoring value is consistent with the preset software environment reference value, waiting for the next round of the scheduled monitoring task;
    if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, determining whether the current cloud server meets a preset alarm condition;
    if the alarm condition is met, generating a hardware trust report and/or software trust report corresponding to the current cloud server and sending it to the corresponding cloud server leasing user.
  16. The computer-readable storage medium according to claim 15, wherein the hardware environment reference value is stored in a blockchain and/or in the NV space of a preset trusted security chip, and the computer instructions further cause the computer to perform the following steps before detecting whether a scheduled monitoring task currently exists:
    obtaining the preset hardware trusted integrity check policy;
    obtaining the attribute values of the corresponding hardware on the current cloud server according to the hardware names specified in the hardware trusted integrity check policy;
    computing the attribute values of the hardware with the first measurement algorithm specified in the hardware trusted integrity check policy, to obtain the hardware environment reference value of the hardware.
  17. The computer-readable storage medium according to claim 16, wherein the software environment reference value is stored in a blockchain and/or in the NV space of a preset trusted security chip, and the computer instructions further cause the computer to perform the following steps after computing the attribute values of the hardware with the first measurement algorithm specified in the hardware trusted integrity check policy to obtain the hardware environment reference value of the hardware:
    obtaining the cloud server check policy configuration parameters selected by the server leasing user, wherein the cloud server check policy configuration parameters include enabling or disabling the software trusted integrity check policy;
    when the software trusted integrity check policy is enabled, starting the cloud server scheduled monitoring task according to the cloud server check policy configuration parameters;
    obtaining the corresponding software files on the current cloud server according to the software names specified in the software trusted integrity check policy;
    computing the software files with the second measurement algorithm specified in the software trusted integrity check policy, to obtain the software environment reference value.
  18. The computer-readable storage medium according to claim 17, wherein, when the computer instructions are executed, the cloud server check policy configuration parameters further include enabling or disabling the hardware trusted integrity check policy.
  19. The computer-readable storage medium according to claim 15, wherein determining whether the current cloud server meets the preset alarm condition if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, comprises the following steps:
    if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value, incrementing a preset untrusted count by 1;
    determining whether the current untrusted count has reached a preset untrusted count threshold;
    if the incremented untrusted count has reached the preset untrusted count threshold, determining that the current cloud server meets the alarm condition.
  20. A cloud server monitoring apparatus, wherein the cloud server monitoring apparatus comprises:
    a detection module, configured to detect whether a cloud server scheduled monitoring task currently exists;
    a check module, configured to trigger execution of a cloud server hardware trusted integrity check and/or a cloud server software trusted integrity check if a cloud server scheduled monitoring task currently exists;
    wherein the check module comprises:
    a hardware check unit, configured to perform the cloud server hardware trusted integrity check, specifically comprising: generating a hardware environment monitoring value corresponding to the current cloud server according to a preset hardware trusted integrity check policy, and determining whether the hardware environment monitoring value is consistent with a preset hardware environment reference value; if the hardware environment monitoring value is consistent with the hardware environment reference value, triggering execution of the cloud server software trusted integrity check;
    a software check unit, configured to perform the cloud server software trusted integrity check, specifically comprising: generating a software environment monitoring value corresponding to the current cloud server according to a preset software trusted integrity check policy, and determining whether the software environment monitoring value is consistent with a preset software environment reference value;
    a standby module, configured to wait for the next round of the scheduled monitoring task if the hardware environment monitoring value is consistent with the hardware environment reference value, and/or the software environment monitoring value is consistent with the preset software environment reference value;
    a determination module, configured to determine whether the current cloud server meets a preset alarm condition if the hardware environment monitoring value is inconsistent with the hardware environment reference value, or the software environment monitoring value is inconsistent with the software environment reference value;
    an alarm module, configured to, if the alarm condition is met, generate a hardware trust report and/or software trust report corresponding to the current cloud server and send it to the corresponding cloud server leasing user.
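The flow claimed above (reference values derived under a policy, a scheduled measure-and-compare round in which the software check runs only after the hardware check passes, an untrusted counter with a threshold, and a report filled from a template) is small enough to model end to end. The block below is an added example and not code from the patent or its applicant; it covers the method of claims 1 to 7, which claims 8 to 20 restate for a device, a storage medium and an apparatus. The measurement algorithm names, the attribute sources, the report template shape and all sample hardware and software values are assumptions, since the claims name none of them, and delivery by e-mail or SMS is left out.

```python
"""Added example (not the patent's code): runnable model of the monitoring
flow in claims 1-7 of WO2021139308A1. Algorithm names, attribute sources,
the report template and every sample value are assumptions."""
import hashlib
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

# Measurement algorithms a policy may name (the claims' "first" and "second"
# metric algorithm). Assumed set; the patent lists none.
ALGORITHMS: Dict[str, Callable] = {
    "sha256": hashlib.sha256, "sha384": hashlib.sha384, "sha512": hashlib.sha512,
}


@dataclass(frozen=True)
class IntegrityPolicy:
    """A hardware or software trusted-integrity check policy (claims 2-4)."""
    enabled: bool
    algorithm: str
    names: Tuple[str, ...]  # hardware names or software file names to measure


def measure(policy: IntegrityPolicy, values: Dict[str, bytes]) -> str:
    """Compute one environment value over the items the policy names.

    Each (name, value) pair is length-prefixed so "ab"+"c" and "a"+"bc"
    cannot collide, and an item the policy names but the collector did not
    supply is an error rather than being silently measured as empty.
    """
    h = ALGORITHMS[policy.algorithm]()
    for name in policy.names:
        if name not in values:
            raise KeyError(f"policy names {name!r} but it was not collected")
        for part in (name.encode(), values[name]):
            h.update(len(part).to_bytes(4, "big"))
            h.update(part)
    return h.hexdigest()


# Assumed shape of the claims' "preset trust report template" (claim 6).
REPORT_TEMPLATE = "{kind} trusted-integrity report\nmonitoring value: {monitored}\nreference value:  {baseline}\n"


@dataclass
class Monitor:
    hw_policy: IntegrityPolicy
    sw_policy: IntegrityPolicy
    threshold: int  # preset untrusted-count threshold (claim 5)
    hw_baseline: Optional[str] = None
    sw_baseline: Optional[str] = None
    untrusted_count: int = 0

    def set_baselines(self, hw_values: Dict[str, bytes], sw_values: Dict[str, bytes]) -> None:
        """Claims 2-3: derive the reference values from the current state.
        Only call this from a state known to be good: re-baselining a running
        host turns whatever is on it, tampered or not, into "trusted"."""
        self.hw_baseline = measure(self.hw_policy, hw_values) if self.hw_policy.enabled else None
        self.sw_baseline = measure(self.sw_policy, sw_values) if self.sw_policy.enabled else None

    def update_policies(self, hw_policy: IntegrityPolicy, sw_policy: IntegrityPolicy,
                        hw_values: Dict[str, bytes], sw_values: Dict[str, bytes]) -> None:
        """Claim 7: updated configuration replaces the policies and re-derives
        the reference values, so policy changes need the same protection."""
        self.hw_policy, self.sw_policy = hw_policy, sw_policy
        self.set_baselines(hw_values, sw_values)

    def run_round(self, hw_values: Dict[str, bytes], sw_values: Dict[str, bytes]) -> dict:
        """One scheduled monitoring task (claim 1): hardware first, software
        only if the hardware check passed, otherwise wait for the next round."""
        if self.hw_policy.enabled:
            now = measure(self.hw_policy, hw_values)
            if now != self.hw_baseline:
                return self._mismatch("hardware", now, self.hw_baseline)
        if self.sw_policy.enabled:
            now = measure(self.sw_policy, sw_values)
            if now != self.sw_baseline:
                return self._mismatch("software", now, self.sw_baseline)
        return {"status": "trusted"}

    def _mismatch(self, kind: str, monitored: str, baseline: Optional[str]) -> dict:
        """Claims 5-6: count the mismatch; alarm with a report once the threshold is hit."""
        self.untrusted_count += 1
        result = {"status": "untrusted", "kind": kind, "count": self.untrusted_count}
        if self.untrusted_count >= self.threshold:
            result["status"] = "alarm"
            result["report"] = REPORT_TEMPLATE.format(kind=kind, monitored=monitored, baseline=baseline)
        return result


# Constructed sample inputs, not data read from any real host.
SAMPLE_HARDWARE = {"cpu": b"GenuineIntel family 6 model 85", "disk": b"serial=EXAMPLE-0001"}
SAMPLE_SOFTWARE = {
    "/usr/sbin/sshd": b"\x7fELF constructed sshd image bytes",
    "/etc/ssh/sshd_config": b"PermitRootLogin no\nPasswordAuthentication no\n",
}


def demo() -> list:
    """Three rounds: clean, then the same config change twice (threshold 2 -> alarm)."""
    mon = Monitor(IntegrityPolicy(True, "sha256", ("cpu", "disk")),
                  IntegrityPolicy(True, "sha256", tuple(SAMPLE_SOFTWARE)), threshold=2)
    mon.set_baselines(SAMPLE_HARDWARE, SAMPLE_SOFTWARE)
    tampered = {**SAMPLE_SOFTWARE, "/etc/ssh/sshd_config": b"PermitRootLogin yes\n"}
    return [mon.run_round(SAMPLE_HARDWARE, SAMPLE_SOFTWARE),
            mon.run_round(SAMPLE_HARDWARE, tampered),
            mon.run_round(SAMPLE_HARDWARE, tampered)]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

Two points a practitioner should keep in mind when reading the claims against this model. First, the claims protect the reference value at rest (blockchain or TPM NV space), but the monitoring value is computed and compared by software running on the monitored host itself; an attacker with control of that host can feed the comparison whatever it expects. A hardware-rooted version of the same idea has the chip extend measurements into PCRs and sign a quote that a verifier off the host checks, which the claims do not describe. Second, alarming only after the untrusted count reaches a threshold trades detection latency for fewer false alarms from legitimate updates; the counter must then live somewhere the host cannot reset, and a round that passes should not silently clear it unless the policy says so.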

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010547614.7 2020-06-16
CN202010547614.7A CN111737081B (en) 2020-06-16 2020-06-16 Cloud server monitoring method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
WO2021139308A1 true WO2021139308A1 (en) 2021-07-15

Family

ID=72649373

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/122338 WO2021139308A1 (en) 2020-06-16 2020-10-21 Cloud server monitoring method, apparatus and device, and storage medium

Country Status (2)

Country Link
CN (1) CN111737081B (en)
WO (1) WO2021139308A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111737081B (en) * 2020-06-16 2022-05-17 平安科技(深圳)有限公司 Cloud server monitoring method, device, equipment and storage medium
CN115174210A (en) * 2022-06-30 2022-10-11 珠海奔图电子有限公司 Credible report generation method and electronic equipment

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103501303A (en) * 2013-10-12 2014-01-08 武汉大学 Active remote attestation method for measurement of cloud platform virtual machine
US20140298439A1 (en) * 2011-04-18 2014-10-02 Bank Of America Corporation Trusted Hardware for Attesting to Authenticity in a Cloud Environment
CN106656915A (en) * 2015-10-30 2017-05-10 深圳市中电智慧信息安全技术有限公司 Cloud security server based on trusted computing
CN110197073A (en) * 2019-05-30 2019-09-03 苏州浪潮智能科技有限公司 A kind of method and system based on self checking mechanism protected host integrality
CN110515699A (en) * 2019-08-20 2019-11-29 苏州浪潮智能科技有限公司 A kind of method and apparatus of acquisition virtual machine place platform credible state
CN111008379A (en) * 2019-11-22 2020-04-14 腾讯科技(深圳)有限公司 Firmware safety detection method of electronic equipment and related equipment
CN111737081A (en) * 2020-06-16 2020-10-02 平安科技(深圳)有限公司 Cloud server monitoring method, device, equipment and storage medium

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101515933A (en) * 2009-03-16 2009-08-26 中兴通讯股份有限公司 Method and system for detecting the completeness of network equipment software and hardware
CN103605784A (en) * 2013-11-29 2014-02-26 北京航空航天大学 Data integrity verifying method under multi-cloud environment
TWI521480B (en) * 2014-03-28 2016-02-11 D Link Corp A safe care system that can actively detect the location of the terminal device
CN103905461B (en) * 2014-04-14 2017-02-01 北京工业大学 Cloud service behavior trustworthiness attestation method and system based on trusted third party
CN108259422B (en) * 2016-12-29 2021-07-16 中兴通讯股份有限公司 Multi-tenant access control method and device
CN109144813B (en) * 2018-07-26 2022-08-05 郑州云海信息技术有限公司 System and method for monitoring server node fault of cloud computing system
CN109491866A (en) * 2018-11-09 2019-03-19 郑州云海信息技术有限公司 Monitor method, apparatus, terminal and the computer readable storage medium of storage hardware

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114389971A (en) * 2022-03-23 2022-04-22 苏州浪潮智能科技有限公司 Intelligent monitoring fine adjustment method, device, equipment and storage medium
CN114389971B (en) * 2022-03-23 2022-12-23 苏州浪潮智能科技有限公司 Intelligent monitoring fine adjustment method, device, equipment and storage medium
WO2023178923A1 (en) * 2022-03-23 2023-09-28 苏州浪潮智能科技有限公司 Intelligent monitoring micro-adjustment method and apparatus, device, and storage medium

Also Published As

Publication number Publication date
CN111737081A (en) 2020-10-02
CN111737081B (en) 2022-05-17

Similar Documents

Publication Publication Date Title
WO2021139308A1 (en) Cloud server monitoring method, apparatus and device, and storage medium
EP3765985B1 (en) Protecting storage by detecting unrecommended access
CN110334521B (en) Trusted computing system construction method and device, trusted computing system and processor
US8161285B2 (en) Protocol-Independent remote attestation and sealing
US8572692B2 (en) Method and system for a platform-based trust verifying service for multi-party verification
US8966642B2 (en) Trust verification of a computing platform using a peripheral device
US11714910B2 (en) Measuring integrity of computing system
JP4843246B2 (en) Method and system for booting a trusted server having redundant trusted platform modules
TWI791975B (en) Detecting security threats by monitoring chains of configuration changes made to basic input/output system (bios) or unified extensible firmware interface (uefi) attributes
US9270467B1 (en) Systems and methods for trust propagation of signed files across devices
US10915632B2 (en) Handling of remote attestation and sealing during concurrent update
US10769045B1 (en) Measuring effectiveness of intrusion detection systems using cloned computing resources
JP6293133B2 (en) Network-based management of protected data sets
US10122739B2 (en) Rootkit detection system and method
US10073980B1 (en) System for assuring security of sensitive data on a host
CN110334515B (en) Method and device for generating measurement report based on trusted computing platform
US20240104213A1 (en) Securing node groups
US10713352B2 (en) Method and apparatus for trusted measurement
US20230388278A1 (en) Detecting and mitigating forged authentication object attacks in multi - cloud environments with attestation
EP4283498A2 (en) Virtual environment type validation for policy enforcement
US11251976B2 (en) Data security processing method and terminal thereof, and server
US11645390B2 (en) Cloud-based method to increase integrity of a next generation antivirus (NGAV) security solution in a virtualized computing environment
KR20210132545A (en) Apparatus and method for detecting abnormal behavior and system having the same
Shang et al. ICS software trust measurement method based on dynamic length trust chain
CN110874474A (en) Lessocian virus defense method, Lessocian virus defense device, electronic device and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 20911757; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 20911757; Country of ref document: EP; Kind code of ref document: A1)