Trusted Connection System based on Virtual Machine Architecture
With the rapid development of virtualization technology, virtual machines (VMs) are widely used in cloud computing, an increasingly popular computing paradigm. Thus, to guarantee the security of cloud computing, it is necessary to securely identify the VM kernel, the software stack running on the VM and the hardware platform on which the VM relies. This paper designs a trusted connection system based on virtual machine architecture and implements a system prototype. Our system can not only securely measure and identify the VM kernel, the software stack running on the VM and the hardware platform on which the VM relies, but can also isolate untrusted VMs. The system has three main parts: trusted chain, attestation and isolation. The experiments described in this paper prove that our system ensures trusted connection of VMs and achieves isolation of untrusted VMs. The performance of our system is also analyzed and evaluated. According to the analysis results, our system is practical in terms of performance.
Trusted Connection; Virtual Machine; Trusted Chain; Attestation; Isolation
Kai ZHANG, Ying SONG, Hai-feng FANG, Yu-zhong SUN
Key Laboratory of Computer System and Architecture, Institute of Computing Technology, Chinese Acade
International conference
Chengdu
English
192-196
2010-07-07 (date first made available online on the Wanfang platform; does not represent the paper's publication date)