Remote attestation scheme for cloud platform based on double-layer unbalanced hash tree

Xing RONG; Chang-xiang SHEN; Rong JIANG; Yong ZHAO

doi:10.11959/j.issn.1000-436x.2017180

您当前的位置：

首页 >

文章列表页 >

Remote attestation scheme for cloud platform based on double-layer unbalanced hash tree

Papers | 更新时间：2024-06-05

- Remote attestation scheme for cloud platform based on double-layer unbalanced hash tree
- Journal on Communications Vol. 38, Issue 9, Pages: 31-38(2017)
- 作者机构：
  
  1. 解放军信息工程大学三院，河南郑州450004
  2. 北京工业大学计算机学院，北京 100124
  3. 国防科技大学六院，湖南长沙 410073
- 作者简介：
- 基金信息：
- DOI：10.11959/j.issn.1000-436x.2017180
  CLC： TP309
- Online First：2017-09，
  
  Published：25 September 2017
- 稿件说明：
移动端阅览
Xing RONG, Chang-xiang SHEN, Rong JIANG, et al. Remote attestation scheme for cloud platform based on double-layer unbalanced hash tree[J]. Journal on Communications, 2017, 38(9): 31-38.
DOI：

Xing RONG, Chang-xiang SHEN, Rong JIANG, et al. Remote attestation scheme for cloud platform based on double-layer unbalanced hash tree[J]. Journal on Communications, 2017, 38(9): 31-38. DOI： 10.11959/j.issn.1000-436x.2017180.

摘要

为验证云服务的可信性，提出一种改进的基于非平衡散列树的云平台远程验证方案。通过引入层级构建双层非平衡散列树，将原先的单一树扩展为主树和子树，二者分别对应云服务平台中的虚拟机和虚拟机中的运行组件，证明时仅需要提供待度量组件和认证路径。分析表明，该方案进一步提高了云平台的证明效率，并且具有较好的隐私保护能力和可伸缩性，能够很好地用于云服务的可信性证明。

Abstract

In order to validate the service of cloud

an improved remote attestation scheme based on unbalanced hash tree of cloud platform was proposed.Double-layer unbalanced hash tree was built by introducing layer

original single tree was expanded to main tree and sub tree

which corresponded to virtual machine in cloud platform and the running components in virtual machine.Attestation needs no more than measurement component and authentication path.The analysis shows that this scheme can increase the attestation efficiency of cloud platform

and is good at protecting privacy and expandability

which is suitable for validating cloud platform service.

关键词

Keywords

references

SANTOS N , GUMMADI K P , RODRIGUES R . Towards trusted cloud computing [C ] // Conference on Hot Topics in Cloud Computing . 2009 : 1 - 5 .

刘川意 , 方滨兴 . T-YUN:云提供商可信性审计与验证 [J ] . 信息网络安全 , 2012 , 8 : 97 - 100 .

LIU C Y , FANG B X . T-YUN:trustworthiness audit and verification of the cloud [J ] . Netinfo Security , 2012 , 8 : 97 - 100 .

张焕国 , 罗捷 , 金刚 , 等 . 可信计算研究进展 [J ] . 武汉大学学报（理学版） , 2006 , 52 ( 5 ): 513 - 518 .

ZHANG H G , LUO J , JIN G , et al . Research progress of trusted computing environment [J ] . Journal of Wuhan University:Natural Science Edition , 2006 , 52 ( 5 ): 513 - 518 .

SAILER R , ZHANG X , JAEGER T , et al . Design and implementation of a TCG-based integrity measurement architecture [C ] // USENIX Security Symposium . 2004 : 223 - 238 .

徐梓耀 , 贺也平 , 邓灵莉 . 一种保护隐私的高效远程验证机制 [J ] . 软件学报 , 2011 , 22 ( 2 ): 339 - 352 .

XU Z Y , HE Y P , DENG L L . Efficient remote attestation mechanism with privacy protection [J ] . Journal of Software , 2011 , 22 ( 2 ): 339 - 352 .

翁晓康 , 张平 , 王炜 , 等 . 基于非平衡散列树的平台完整性远程验证机制 [J ] . 计算机应用 , 2014 , 34 ( 02 ): 433 - 437 .

WENG X K , ZHANG P , WANG W , et al . Remote attestation mechanism for platform integrity based on unbalanced-hash tree [J ] . Journal of Computer Applications , 2014 , 34 ( 2 ): 433 - 437 .

YAN J , ZHAO Y . Trusted attestation of behavior measurement based on Merkle hash tree [J ] . Journal of Computational Information Systems , 2013 , 9 ( 9 ): 3443 - 3451 .

朱毅 , 李清宝 , 钟春丽 , 等 . 用于细粒度完整性度量的非平衡二叉散列树模型 [J ] . 小型微型计算机系统 , 2014 , 35 ( 7 ): 1604 - 1609 .

ZHU Y , LI Q B , ZHONG C L , et al . Non-balanced binary hash-tree model for fine-grained integrity measurement [J ] . Journal of Chinese Computer Systems , 2014 , 35 ( 7 ): 1604 - 1609 .

ENGLAND P , . Practical techniques for operating system attestation [C ] // Trusted Computing Challenges and Applications,First International Conference on Trusted Computing and Trust in Information Technologies,Trust 2008 . 2008 : 1 - 13 .

Views

1869

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Cryptographic service optimization scheduling algorithm for collaborative jobs in cloud environment

M-RSF: a multilevel feedback queue task scheduling mechanism for Unikernel

Scheduling framework based on reinforcement learning in online-offline colocated cloud environment

Overview of research on trusted attestation technology of cloud virtualization platform

Time-based and privacy protection revocable and traceable data sharing scheme in cloud computing

Related Author

CAO Xiaogang

LI Fenghua

GENG Kui

LI Zifu

KOU Wenlong

DONG Bonan

YANG Qiusong

LI Mingshu

Related Institution

Institute of Information Engineering, Chinese Academy of Sciences

School of Cyber Security, University of Chinese Academy of Sciences

Key Laboratory of Cyberspace Security Defense

University of Chinese Academy of Sciences

National Engineering Research Center for Fundamental Software, Institute of Software Chinese Academy of Sciences

AI问答

⁰