CN101866408B - Transparent trust chain constructing system based on virtual machine architecture - Google Patents
Transparent trust chain constructing system based on virtual machine architecture Download PDFInfo
- Publication number
- CN101866408B CN101866408B CN2010102143340A CN201010214334A CN101866408B CN 101866408 B CN101866408 B CN 101866408B CN 2010102143340 A CN2010102143340 A CN 2010102143340A CN 201010214334 A CN201010214334 A CN 201010214334A CN 101866408 B CN101866408 B CN 101866408B
- Authority
- CN
- China
- Prior art keywords
- virtual machine
- disk
- operating system
- module
- operating
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
本发明公开了一种基于虚拟机架构的透明信任链构建系统,该系统在主机上设置有虚拟机监控器,虚拟机监控器包括安全芯片驱动模块、系统调用解析模块和磁盘操作解析度量模块。该发明在虚拟机监控器中度量操作系统以及操作系统启动后加载的可执行代码,而不需要对现有的操作系统和应用程序进行任何的修改。本发明能够获取客户机内操作系统的系统调用和磁盘访问等低级操作语义信息,对客户机操作系统的操作语义中进行解析,并控制客户操作系统对磁盘的操作来实现透明度量。该技术可以用于分布式协作环境中,提供对操作系统透明的信任链和完整性证明。本发明可以保护用户的既有财产,使现有的操作系统不需要做任何修改可以支持进程级的TCG信任链。
The invention discloses a transparent trust chain construction system based on a virtual machine architecture. The system is provided with a virtual machine monitor on a host computer. The virtual machine monitor includes a safety chip driver module, a system call analysis module and a disk operation analysis measurement module. The invention measures the operating system and the executable code loaded after the operating system is started in the virtual machine monitor without any modification to the existing operating system and application programs. The invention can obtain low-level operation semantic information such as system call and disk access of the operating system in the client computer, analyze the operation semantics of the client operating system, and control the operation of the client operating system on the disk to achieve transparency. This technology can be used in a distributed collaborative environment, providing a trust chain and integrity proof transparent to the operating system. The invention can protect the user's existing property, so that the existing operating system can support the process-level TCG trust chain without any modification.
Description
Technical field
The invention belongs to the Trusted Computing field, be specifically related to a kind of based on virtual machine architecture to the transparent trust chain constructing system of operating system.
Background technology
Along with the development of infotech, modern society more and more depends on computer system.Particularly in recent years, under the promotion of Internet technology, computing machine more and more is applied in the fields such as society and politics, economy, education and military affairs, makes become more important of the security of computing platform.Yet since computing machine came out, computer security issue existed with regard to the development that is accompanied by computing machine always.In the last thirty years, its loss that causes is also more and more serious.A major reason that causes this situation is that the traditional security protection mode and the inherent shortcoming of software are not enough to defend increasing computer security issue: first, fire wall, intrusion detection and virus prevention are the major technique means that constitute the conventional information security system, these technological means are a kind of response modes afterwards, promptly in attacking the generation back or carrying out, by the lag information analysis of having taken place is judged whether there is attack, thereby respond accordingly or protect.In the face of current increasingly sophisticated and changeful malicious attack means, the often unable reply new attack of these corresponding afterwards traditional preventive means mode; The second, existing platform architecture is open, and computer resource can be used arbitrarily, and especially run time version can be revised arbitrarily.Therefore, under existing software architecture, rogue program is easy to implant in the software systems.If lack the support of related hardware, only relying on software itself is to detect malicious code fully, because all attempt can't prove all that by the method for software detection malicious code it is safe detecting software self.
Overcome these problems; Trusted Computing provides a new thinking: from the security of incoming end enhanced system; make the computing platform of each incoming end of system all have the certain physical protection, and on such platform, make up believable computing environment by way of hardware and software combination.Trusted computation environment can guarantee that the calculating of carrying out on it has some characteristic, for example uses trusted computation environment to guarantee wherein authenticity, confidentiality and the controllability etc. of working procedure and data.These characteristics of utilizing trusted computation environment to provide can remedy the deficiency that only relies on software security protection mode to bring, thereby better solve problem and challenge that computer security faces.
TCG is the standardization body of Trusted Computing, has formulated about credible calculating platform, trusted storage and a series of technical manuals such as trustable network is connected.Its core is credible platform module TPM (TrustedPlatform Module) and related specifications.At home, national Password Management office has issued " creditable calculation password support platform function and interface " and has come into effect in Dec, 2007, this normalized definition domestic safety chip (Trusted Cryptography Module, design standards TCM).
Trust chain is the gordian technique that makes up credible calculating platform, the TPM standard or the domestic TCM standard that are TCG all are to adopt the scheme of loading preceding tolerance, from credible tolerance root CRTM (Core of Root Trusted Measurement), successively each module is carried out integrity measurement, chain progressively breaks the wall of mistrust.
Trust chain constructing in the above-mentioned standard has only defined the fixedly initiating sequence that tolerance loads, and how definition does not expand to application layer with trust chain.In fact behind os starting, also have a large amount of executable codes to be loaded (kernel module, binary shared library, script, plug-in unit, process or the like), and the executable code that these are loaded does not have fixing sequence according to the application demand of reality.Simultaneously, the process in the operating system may be to interdepend, and the isolation that operating system provides is more weak, all processes all may influence each other, therefore all executable codes are no matter it is to be loaded by operating system, the dynamic load device, or program code all needing of loading measured.
How behind os starting, trust chain being expanded to the application software layer, is the focus in the trust chain research.Carried out a series of researchs in the world, such as: people's such as people's such as the breadboard BEAR research project of the PKI of Dartmouth university, IBM research centre Sailer IMA system, the Jaeger of Pennsylvania university PRIMA system etc.These systems all are the retouching operation system kernels, the executable code tolerance after realizing starting by the mode that some system call is added hook.The mode of revising kernel has a lot of defectives: at first this mode is opaque to operating system, and this makes the commercial operation system that has disposed can't support the integrity measurement and the authentication of application layer.Secondly, aforesaid way need be with operating system as trusting base (TCB), and operating system code is huge, the more and very difficult discovery of system vulnerability quantity.Embarrass the trust chain that makes up process level that enough credible supports are provided with operating system as credible base.
Virtual machine architecture can isolation software and hardware, application software and first floor system between direct dependence.Compare operating system, the monitor of virtual machine size of code is little, leak is few.Monitor of virtual machine can provide the safety stronger than operating system to isolate, and has advantages such as can simulating special hardware equipment.Simultaneously, in virtual machine architecture, monitor of virtual machine is positioned at operating system lower floor, has higher level of privilege, can observe the behavior of operating system inside.Therefore, make up trust chain based on virtual machine architecture, have operating system transparent, advantage such as credible base is little.
Summary of the invention
At being the problems that exist in the process level trust chain constructing of credible base with operating system, the invention provides a kind of transparent trust chain constructing system based on virtual machine architecture, this system does not need existing operating system and application program are carried out any modification, system call and the disk access information of this invention by obtaining the client computer internal operating system, operational semantics in the Client OS is resolved, and the control operation system realizes transparent tolerance to the operation of disk.
A kind of transparent trust chain constructing system provided by the invention based on virtual machine architecture, main frame is the processor of support hardware Intel Virtualization Technology, be provided with TPM or TCM safety chip in it, it is characterized in that, this main frame is provided with monitor of virtual machine, and described monitor of virtual machine comprises safety chip driver module, system call parsing module and disk operating parsing metric module; The safety chip driver module is realized visit and management to TPM or TCM safety chip according to TPM standard or TCM standard; The system call parsing module is after the client operating system nucleus loading finishes, at first by intercepting and capturing the system call relevant with executable code, obtain the system call information relevant with executable code, information comprises system call parameter and file directory, and information is sent to disk operating parsing metric module; Disk operating is resolved metric module and is produced corresponding encryption key by calling the safety chip driver module for each client operating system, the unloading phase of client operating system, and the operating system nucleus that tolerance is written into; After the client operating system nucleus loading finishes, disk access data when obtaining the virtual machine operation, and system call parameter and the file directory transmitted according to the system call parsing module, disk access semanteme when resolving the virtual machine operation, and contrast the disk access data that it obtains, corresponding executable code is met the metric operations of TCG/TCM standard, and will measure the result and be kept on the disk, use and encrypt with the corresponding encryption key of this client operating system.
The objective of the invention is to utilize monitor of virtual machine to make up, make computing platform can be converted to credible calculating platform, thereby promoted security of system based on common commercial operating system to the transparent trust chain of operating system.The executable code that system of the present invention loads behind monitor of virtual machine vacuum metrics operating system nucleus and os starting, and do not need existing operating system and application program are carried out any modification.The present invention utilizes in the virtual machine architecture, monitor of virtual machine is in the lower floor of client operating system, can obtain the characteristic of low-level operation semantic informations such as the system call of client computer internal operating system and disk access, operational semantics in the Client OS is resolved, and the control operation system realizes transparent tolerance to the operation of disk.Compare with existing mode, the present invention can make its trust chain that can support process-level not needing operating system is made under the situation of any modification, and can make the commercial operation system that has disposed can support the credible startup of TCG.The mode of modified in comparison operating system nucleus, the monitor of virtual machine size of code is little, and leak is few, makes total system have littler trust base.
Description of drawings
Fig. 1 is based on the transparent trust chain constructing system structural representation of virtual machine architecture.
Fig. 2 is the system architecture synoptic diagram of system call parsing module.
Fig. 3 is the system architecture synoptic diagram of semantic parsing of disk operating and metric module.
Fig. 4 is the reverse mapping structure synoptic diagram of upper directory and file.
Fig. 5 is based on the transparent trust chain constructing schematic flow sheet of virtual machine architecture.
Embodiment
In order to make the features and advantages of the present invention obtain clearer understanding, below in conjunction with accompanying drawing, be described below in detail: Fig. 1 and described system architecture synoptic diagram of the present invention and with the realization of the formal specification correlation function of module, main frame (hardware) need have (the Trusted ComputingGroup of the Trusted Computing of meeting alliance, the safety chip of (TPM) standard of credible platform module TCG) or Chinese credible password module (TCM) standard, and the processor of support hardware Intel Virtualization Technology (hardware is assisted virtualization processor); Monitor of virtual machine is set on hardware, and it has the safety chip driver module, and metric module and system call parsing module are resolved in disk operating.
Monitor of virtual machine among the present invention is meant the monitor of virtual machine at hardware abstraction aspect (Hardware AbstractionLayer, i.e. HAL).The normal operations system that moves in virtual machine is called as client operating system.Virtual machine in the Intel Virtualization Technology of hardware abstraction aspect (also claiming client computer) execution environment has identical instruction set with main frame.The processor of support hardware auxiliary virtual (the hardware virtualization technology of Intel VT or AMD-V) has been introduced two new processor state-virtual machine root attitudes and Fei Gen attitude.Monitor of virtual machine runs on virtual machine root attitude, and client computer runs on non-attitude of virtual machine, can move commercial Windows and linux version (operating system of moving in virtual machine is also referred to as client operating system) that the normal operations system comprises each version in the virtual machine.Monitor of virtual machine arrives physical resource with the mapping resources that virtual machine needs, and when virtual machine needed the access critical physical resource, monitor of virtual machine was taken over its physical resource and properly multiplexed.
The safety chip driver module is realized the requirement of the TSS standard of TCG, provides TCM service module in the management of TPM and the interface of application access TPM (safety chip of main frame meets the TPM standard) or realization China " creditable calculation password support platform function and interface specification " is required (safety chip of main frame meets the TCM standard).
The system call parsing module obtains the information that is written into of executable code, and disk operating parsing metric module is finished tolerance work.Be described in detail as follows to system call parsing module and disk operating parsing metric module respectively below:
(1) system call parsing module
The system call parsing module is after the client operating system nucleus loading finishes, at first by intercepting and capturing and executable code (kernel module, binary shared library, script, plug-in unit, program etc.) system call information of executable code is obtained in Xiang Guan system call then, and these information are sent to disk operating resolves metric module.
(1) system call is intercepted and captured:
The intercepting and capturing of system call need the system call parsing module to make system call can cause the conversion of processor state by specific setting, thereby make monitor of virtual machine can get involved the system call process of process in the virtual machine.The system call (rapid system calls or INT calls) that specific setting and operating system adopt is closely related.Hereinafter the set-up mode that adopts the operating system that rapid system calls is described.
As shown in Figure 2, the system call parsing module is provided with by a processor register that uses during the X86 rapid system is called, thereby makes system call cause that page fault is trapped in the monitor of virtual machine.The rapid system of X86 calls and uses the SYSENTER instruction to make processor jump to kernel state address given in advance from user's attitude.This address is stored in the special register of SYSENTER_EIP_MSR by name, and this register only allows just can be set up when processor is in kernel state.System call parsing module SYSENTER_EIP_MSR value is set to a non-existent address, and original address is kept in the address space of monitor of virtual machine.When the program of user's attitude needed system service, its appointing system call number called the SYSENTER instruction then with relevant parameter.This will cause that thereby page fault makes processor enter virtual machine root attitude, and monitor of virtual machine obtains the control of processor.The system call parsing module is the address of page fault relatively, if the value that is provided with among the SYSENTER_EIP_MSR that coexists is identical, with regard to meaning person system call has taken place.
Monitor of virtual machine there is no need to follow the trail of all system calls, in fact only needing tracking to be written into relevant system call with executable code gets final product, for example for (SuSE) Linux OS, dynamically being written into by INSMOD of loadable module called, and new process is replaced existing code by the EXECVE system call.
(2) information of system call is obtained:
The system call parsing module also needs to obtain the information that said system is called, and these information comprise the path and the system call parameter of executable code.This needs the system call parsing module to understand the inner core and the operational semantics of client operating system.With the (SuSE) Linux OS is example, if obtain the task_struct that the informational needs such as absolute path of executable code obtain current process.The system call parsing module obtains the CPU stack pointer from the ESP register, this pointer is used for depositing the address of stack top location.In the 80x86 system, stack originates in end, and the direction that begins towards this memory field increases.ESP points to current stack top 0x0111a878 and the thread_info structure is to begin to deposit from 0x0111a000.If the length of thread_info is 4KB, so the plot that just can obtain thread_info is fallen in low 12 bit masks of ESP, first field of thread_info is pointed to the pointer of task_struct, thereby can obtain the information of depositing in the task_struct.For the parameter of system call, directly visit relevant register such as ebx, ecx ... wait general-purpose register to obtain.
(2) metric module is resolved in disk operating
Disk operating is resolved metric module and is produced corresponding encryption key by calling the safety chip driver module for each client operating system.The unloading phase of client operating system, the operating system nucleus that tolerance is written into; After the client operating system nucleus loading finishes, obtain the disk access data, and according to the system call parameter of system call parsing module transmission and the directory information of these codes, the disk access data that contrast is obtained, the metric operations that corresponding executable code is met the TCG/TCM standard, and will measure the result and be kept on the disk, use and encrypt with the corresponding encryption key of this client operating system.
(1) kernel of tolerance client operating system
In the virtual machine activation stage, monitor of virtual machine directly is not written into the kernel image file of operating system, and provides the virtual BIOS guidance code in os starting stage, and transfers control to this section code.Metric module is resolved in disk operating increases the memory location that Hook Function obtains the operating system nucleus image file of loading in the BIOS guidance code, and this kernel mirror image is operated.To load the Linux virtual machine image in the Xen monitor of virtual machine is example.Need in the QEMU of Xen simulator, analyze the boot sector (MBR) of Linux virtual machine image, obtain the bootstrap loader of Linux, from bootstrap loader, obtain the memory location of linux kernel mirror image, and it is measured to bootstrap loader and linux kernel mirror image.
Before disk operating parsing metric module was carried out metric operations, it need call the standard program interface that the safety chip driver module provides, and chip safe in utilization is that corresponding client operating system produces encryption key.Disk operating is resolved metric module and need be used this key that the tolerance result is encrypted, and the tolerance result that will encrypt is saved on the disk.
Disk access data when (2) obtaining the virtual machine operation
In the virtual machine operation phase, as shown in Figure 3, metric module is resolved in disk operating need increase Hook Function on the communication path of virtual machine with monitor of virtual machine, obtain the visit data of virtual machine to disk, and measure.The disk access data of obtaining are relevant with operating system with concrete hardware structure.The disk access data of obtaining comprise the physical block number of read-write or to the access instruction of virtual disk port and parameter (the virtualized implementation of I/O that depends on monitor of virtual machine, half is virtual or fully virtualized).With half virtualized driving (PV-on-HVM driver) in the Xen virtual machine is example, Xen uses block device framework--Blktap framework, and disk operating is resolved metric module and driven the disk access data that read virtual machine in (in the TAPDISK function of Blktap framework) at the I/O that is driven into monitor of virtual machine of virtual machine.
Disk access semanteme when (3) resolving the virtual machine operation
The lower floor that metric module is in client operating system is resolved in disk operating, and the virtual machine that obtains visit data in magnetic disk comprises the physical block number of operating system read-write or to rudimentary disk access semantic informations such as the access instruction of virtual disk port and parameters (depend on the virtual mode of I/O of monitor of virtual machine-fully virtualized or half virtual).And be senior semantic information (catalogue of visit and fileinfo) from the system call information of system call parsing module transmission.Disk operating is resolved metric module and is obtained in the virtual machine operating system to the senior semanteme (catalogue of visit and fileinfo) of disk operating by setting up rudimentary semantic information (access instruction of physical block number or virtual disk port and parameter) to the reverse mapping of topmost paper and catalogue.
Disk operating is resolved metric module and recover catalogue and file operational semantics from the disk block operation of bottom, sets up the reverse mapping (as shown in Figure 5) of these bottom disk blocks to upper directory and file.The file system of operating system is divided into logical block with file, and the service logic piece is to the mapping of physical block.Disk operating parsing metric module is just in time opposite to the semantic resolving inversely of virtual machine disk operating, and it is mapped to topmost paper with disk block.Obviously, semantic resolving inversely of virtual machine disk operating and client operating system current file system format and virtualization architecture (half is virtual or fully virtualized) are closely related.With the ext2 file system is example, and it is made of the piece group of a bootstrap block and repetition, and each piece group is made of superblock, group descriptor table, bitmap block, index node bitmap, index node table, data field again.Monitor of virtual machine need be set up the data structure of some similar Virtual File Systems in its memory headroom, the information of bibliographic structure is changed into corresponding disk block number.Disk operating is resolved rudimentary semantic operation (disk number) that metric module obtains and can be mated in these data structures and derive senior operational semantics (catalogue or fileinfo).For example suppose the corresponding disk block 211105,211106 of file/etc/init.d/rc, the corresponding disk block 223236 of file/etc/profile.If the low-level operation semanteme that semantic parsing and metric module are obtained is that disk block 211105 has been carried out read operation, can infer that so the high-level semantic of current I/O is to read file/etc/init.d/rc.
(4) metric operations
As shown in Figure 3, resolve in the metric module in disk operating, by the semantic parse operation of reverse disk operating, be senior disk operating semanteme with the rudimentary disk operating semantic conversion of obtaining, these information of same are compared from the directory information of system call parsing module transmission.Be whether the ongoing disk access of decidable is the load operation of executable code.If disk operating is resolved metric module and is read the content of this document measure all physical blocks that virtual machine will occupy from these files with the Hook Function on the communication path of monitor of virtual machine so.The result of tolerance is kept in the disk, and uses and encrypt with the corresponding encryption key of this virtual machine.
Complete flow process when virtual machine activation, is that virtual machine produces corresponding encryption key by disk operating parsing tolerance module invokes safety chip driver module as shown in Figure 5, simultaneously the operating system nucleus mirror image that is written into by Hook Function tolerance in the guidance code.After the operating system nucleus loading finishes in the virtual machine, system call parsing module supervisory system is called, when monitoring when being written into relevant system call with executable code, the said system recalls information is sent to disk operating resolve metric module, the disk operating semanteme of tolerance module parses virtual machine is resolved in disk operating, and the homologous ray recalls information is compared, if executable code be written into operation, metric module meets TCG standard/TCM standard to executable code metric operations is resolved in disk operating.
Above-described example has been done detailed explanation to the implementation of various piece of the present invention; but specific implementation form of the present invention is not limited thereto; concerning the those skilled in the art in present technique field, the various conspicuous change of under the situation of spirit that does not deviate from the method for the invention and claim scope it being carried out is all within protection scope of the present invention.
Claims (4)
1. transparent trust chain constructing system based on virtual machine architecture, main frame is the processor of the auxiliary Intel Virtualization Technology of support hardware, be provided with TPM or TCM safety chip in it, it is characterized in that, this main frame is provided with monitor of virtual machine, and described monitor of virtual machine comprises safety chip driver module, system call parsing module and disk operating parsing metric module;
The safety chip driver module is realized visit and management to TPM or TCM safety chip according to TPM standard or TCM standard;
The system call parsing module is after the client operating system nucleus loading finishes, at first by intercepting and capturing the system call relevant with executable code, obtain the system call information relevant with executable code, information comprises system call parameter and file directory, and information is sent to disk operating parsing metric module;
Disk operating is resolved metric module and is produced corresponding encryption key by calling the safety chip driver module for each client operating system, the unloading phase of client operating system, and the operating system nucleus that tolerance is written into; After the client operating system nucleus loading finishes, disk access data when obtaining the virtual machine operation, and the physical block number of transmitting according to the system call parsing module or to the access instruction and the parameter of virtual disk port, disk access semanteme when resolving the virtual machine operation, and contrast the disk access data that it obtains, the metric operations that corresponding executable code is met the TCG/TCM standard, and will measure the result and be kept on the disk, use and encrypt with the corresponding encryption key of this client operating system.
2. the transparent trust chain constructing system based on virtual machine architecture according to claim 1 is characterized in that, disk operating is resolved metric module and measured the operating system nucleus that is written in the following manner:
In the virtual machine activation stage, monitor of virtual machine directly is not written into the kernel image file of operating system, and provides the virtual BIOS guidance code in os starting stage, and transfers control to virtual BIOS guidance code; Metric module is resolved in disk operating increases the memory location that Hook Function obtains the operating system nucleus image file of loading in virtual BIOS guidance code, and this kernel mirror image is operated.
3. the transparent trust chain constructing system based on virtual machine architecture according to claim 1 is characterized in that, the disk access data when disk operating parsing metric module is obtained the virtual machine operation in the following manner:
Metric module is resolved in disk operating increases Hook Function on the communication path of virtual machine with monitor of virtual machine, obtain the visit data of virtual machine to disk, the relevant visit data that obtains comprises the physical block number of read-write or to the access instruction and the parameter of virtual disk port.
4. the transparent trust chain constructing system based on virtual machine architecture according to claim 1 is characterized in that, the disk access semanteme when disk operating parsing metric module is resolved the virtual machine operation in the following manner:
Disk operating is resolved metric module and recover catalogue and file operational semantics from the disk block operation of bottom, sets up the reverse mapping of these bottom disk blocks to upper directory and file, and disk block is mapped to topmost paper.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102143340A CN101866408B (en) | 2010-06-30 | 2010-06-30 | Transparent trust chain constructing system based on virtual machine architecture |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102143340A CN101866408B (en) | 2010-06-30 | 2010-06-30 | Transparent trust chain constructing system based on virtual machine architecture |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101866408A CN101866408A (en) | 2010-10-20 |
| CN101866408B true CN101866408B (en) | 2011-11-30 |
Family
ID=42958130
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010102143340A Expired - Fee Related CN101866408B (en) | 2010-06-30 | 2010-06-30 | Transparent trust chain constructing system based on virtual machine architecture |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101866408B (en) |
Families Citing this family (28)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101957900B (en) * | 2010-10-26 | 2012-02-15 | 中国航天科工集团第二研究院七○六所 | Credible virtual machine platform |
| CN102841989A (en) * | 2011-06-24 | 2012-12-26 | 国民技术股份有限公司 | Operation system protection method and operation system protection device |
| CN102254120B (en) * | 2011-08-09 | 2014-05-21 | 华为数字技术(成都)有限公司 | Method, system and relevant device for detecting malicious codes |
| CN103617391B (en) * | 2011-09-14 | 2017-01-18 | 北京奇虎科技有限公司 | Method, device and virtual machine for detecting malicious programs |
| CN102821094B (en) * | 2012-07-09 | 2016-05-04 | 深圳市深信服电子科技有限公司 | Data safety processing method in virtual desktop and system |
| CN103580885B (en) * | 2012-07-20 | 2017-05-31 | 华为技术有限公司 | Cloud environment monitoring method and physical nodes |
| CN102880828B (en) * | 2012-09-07 | 2015-02-04 | 普华基础软件股份有限公司 | Intrusion detection and recovery system aiming at virtualization support environment |
| CN103106159B (en) * | 2013-01-31 | 2015-12-23 | 武汉天喻信息产业股份有限公司 | A kind of method setting up channel access intelligent storage equipment |
| US10198572B2 (en) | 2013-09-17 | 2019-02-05 | Microsoft Technology Licensing, Llc | Virtual machine manager facilitated selective code integrity enforcement |
| CN103795717B (en) * | 2014-01-23 | 2017-01-25 | 中国科学院计算技术研究所 | Method and system for proving integrity of cloud computing platform |
| CN103927484B (en) * | 2014-04-21 | 2017-03-08 | 西安电子科技大学宁波信息技术研究院 | Rogue program behavior catching method based on Qemu simulator |
| CN104134038B (en) * | 2014-07-31 | 2016-11-23 | 浪潮电子信息产业股份有限公司 | A kind of secure and trusted running protection method based on virtual platform |
| CN104794407B (en) * | 2015-04-16 | 2018-01-26 | 华中科技大学 | A kind of virtual machine file forced access control method and system based on KVM |
| US9875359B2 (en) * | 2015-10-14 | 2018-01-23 | Quanta Computer Inc. | Security management for rack server system |
| CN105574099A (en) * | 2015-12-14 | 2016-05-11 | 北京北信源软件股份有限公司 | Method for solving semantic gap of file data blocks on basis of memory information |
| CN106850297B (en) * | 2017-02-09 | 2020-04-21 | 合一网络技术(北京)有限公司 | Network request processing method and device |
| CN106970823B (en) * | 2017-02-24 | 2021-02-12 | 上海交通大学 | Efficient nested virtualization-based virtual machine security protection method and system |
| CN106961475B (en) * | 2017-03-14 | 2020-07-14 | 云宏信息科技股份有限公司 | Remote disk sharing method and sharing system based on NBD |
| CN107861793A (en) * | 2017-11-08 | 2018-03-30 | 浪潮(北京)电子信息产业有限公司 | Virtual hardware platform starts method, apparatus, equipment and computer-readable storage medium |
| CN107943556B (en) * | 2017-11-10 | 2021-08-27 | 中国电子科技集团公司第三十二研究所 | KMIP and encryption card based virtualized data security method |
| CN109101284A (en) * | 2018-07-18 | 2018-12-28 | 浪潮(北京)电子信息产业有限公司 | A kind of virtual machine starting method, apparatus, equipment and storage medium |
| CN109165079B (en) * | 2018-08-07 | 2021-07-27 | 郑州云海信息技术有限公司 | Virtualization-based cloud data center trusted platform and trust chain construction method |
| CN110008001B (en) * | 2019-03-29 | 2021-01-05 | 网御安全技术(深圳)有限公司 | Security reinforcement method and system for virtual machine monitor and hardware security monitoring card |
| CN110688198B (en) | 2019-09-24 | 2021-03-02 | 网易(杭州)网络有限公司 | System calling method and device and electronic equipment |
| CN113448682B (en) * | 2020-03-27 | 2024-04-19 | 支付宝(杭州)信息技术有限公司 | Virtual machine monitor loading method and device and electronic equipment |
| CN111966470B (en) * | 2020-09-08 | 2023-11-14 | 支付宝(杭州)信息技术有限公司 | Loading method, device and electronic equipment of virtual machine monitor |
| CN112882799A (en) * | 2021-03-04 | 2021-06-01 | 中国科学院信息工程研究所 | Virtual machine trusted migration system based on built-in security chip |
| CN116126477B (en) * | 2023-04-04 | 2023-07-25 | 支付宝(杭州)信息技术有限公司 | Method and computing device for accessing TPM in computing device |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101038556B (en) * | 2007-04-30 | 2010-05-26 | 中国科学院软件研究所 | Trusted boot method and system thereof |
| CN101246537B (en) * | 2008-03-28 | 2010-06-02 | 上海中标软件有限公司 | Method for implementing reliable computation based on reliable multi-task operating system |
| CN101576944B (en) * | 2008-11-20 | 2011-09-07 | 武汉大学 | Computer secure startup system based on trusted platform module and method thereof |
-
2010
- 2010-06-30 CN CN2010102143340A patent/CN101866408B/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| CN101866408A (en) | 2010-10-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101866408B (en) | Transparent trust chain constructing system based on virtual machine architecture | |
| CN108475217B (en) | System and method for auditing virtual machines | |
| EP2973179B1 (en) | Dynamically loaded measured environment for secure code launch | |
| CN101350044B (en) | A method for building trust in a virtual environment | |
| Zou et al. | Design and implementation of a trusted monitoring framework for cloud platforms | |
| US20160019393A1 (en) | Trusted Boot of a Virtual Machine | |
| US20140025961A1 (en) | Virtual machine validation | |
| EP2815349A1 (en) | Roots-of-trust for measurement of virtual machines | |
| CN104036185B (en) | Virtualization based power and function isolating method for loading module of monolithic kernel operation system | |
| CN102214277B (en) | Method and device for creating trusted environment of multi-core processor virtual machine system | |
| CN101599022A (en) | Trusted Computing Base Tailoring Method for Virtual Machine System | |
| US11748140B2 (en) | Virtual machine security policy implementation | |
| US11099874B2 (en) | Efficient userspace driver isolation by shallow virtual machines | |
| CN111177726A (en) | A system vulnerability detection method, device, equipment and medium | |
| CN107169347A (en) | A kind of enhancing ARM platform virtual machines are examined oneself safe method and device | |
| Zhao et al. | Sok: Hardware security support for trustworthy execution | |
| Xing et al. | OB‐IMA: out‐of‐the‐box integrity measurement approach for guest virtual machines | |
| CN101488175B (en) | Method for preventing credible client virtual domain starting crash based on polling mechanism | |
| US11513825B2 (en) | System and method for implementing trusted execution environment on PCI device | |
| Zhang et al. | iFlask: Isolate flask security system from dangerous execution environment by using ARM TrustZone | |
| Hao et al. | vTRUST: A formal modeling and verification framework for virtualization systems | |
| Nimgaonkar et al. | Ctrust: A framework for secure and trustworthy application execution in cloud computing | |
| Kumara et al. | Virtual machine introspection based spurious process detection in virtualized cloud computing environment | |
| Hong et al. | A dual‐system trusted computing node construction method based on ARM multi‐core CPU architecture | |
| WO2018054466A1 (en) | Virtualization of a trusted computing base |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20111130 Termination date: 20140630 |
|
| EXPY | Termination of patent right or utility model |