Software vTPM Key Information Protection Scheme Based on Shadow Page Table Plus
  • Original title (Chinese): 一种基于影子页表+的软件型vTPM密钥秘密信息保护方案
  • Authors: TAN Liang; WANG Shan; SONG Min; SHU Hong-Mei
  • Affiliations: College of Computer Science, Sichuan Normal University; Institute of Computing Technology, Chinese Academy of Sciences
  • Keywords: virtual machine manager; TPM virtualization (vTPM); memory protection; shadow page table
  • Journal: Journal of Cryptologic Research (密码学报, MMXB)
  • Publication date: 2019-06-15
  • Year: 2019
  • Volume: 6
  • Issue: 3
  • Pages: 39-58 (20 pages)
  • Article ID: MMXB201903004
  • CN: 10-1195/TN
  • Funding: National Natural Science Foundation of China (61373162); Sichuan Science and Technology Support Program (2014GZ0007)
  • Language: Chinese
Abstract
Because the TPM is a resource-constrained hardware chip, it is unrealistic for every user virtual machine on a trusted virtual platform to obtain trusted-computing functionality by sharing the one physical TPM. Many virtualization platforms therefore virtualize the TPM by software emulation, i.e. a software vTPM that simulates the functions of the TPM. However, many known attacks in virtual machine environments can steal or corrupt the key secret information of such a vTPM at run time. This is especially true on full-virtualization and hardware-assisted virtualization platforms, where the whole virtual machine, vTPM included, runs in the user space of the VMM, so the vTPM's keys are more exposed to attack; compromising them seriously undermines the security of both the virtual machine and the vTPM. This paper proposes a software vTPM key secret information protection scheme based on "shadow page table plus". On a full-virtualization or hardware-virtualization platform, a newly added shadow page table management module, MMU-vTPM, protects the vTPM's key secret information by enforcing access control on the page table entries of the vTPM's private key memory, so that other processes cannot illegally read or corrupt that private memory. To prevent a malicious user from tampering with MMU-vTPM itself, the module's integrity is protected with the TPM's static measurement and dynamic measurement mechanisms. Finally, the scheme is implemented on the Xen virtualization platform. Test results show that it protects critical vTPM key secrets such as the vEK and vSRK without serious performance loss.
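The abstract names two mechanisms without showing how they fit together: an MMU-vTPM module that rewrites the shadow page table so only the vTPM process can reach the machine frames holding secrets such as the vEK and vSRK, and static plus dynamic measurement of that module so it cannot be tampered with silently. The following is an added C model of both, written for this page; it is not code from the paper or from Xen. Every name in it (mmu_vtpm_register, mmu_vtpm_shadow, vtpm_mem_access, measure_module, the frame numbers and process ids) is hypothetical, a guest or shadow PTE is reduced to a flags word plus a machine frame number, the module image is a constructed byte string, and 64-bit FNV-1a stands in for the SHA hash a real TPM would extend into a PCR.

```c
/* Added model of the MMU-vTPM scheme described in the abstract. Not code
 * from the paper or from Xen; all names, frame numbers and pids are
 * hypothetical, and FNV-1a stands in for the TPM's SHA measurement hash. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PTE_PRESENT 0x1u
#define PTE_WRITE   0x2u
#define PTE_USER    0x4u
#define NFRAMES     16

/* A page table entry reduced to permission flags plus a machine frame number. */
typedef struct { uint32_t flags; unsigned mfn; } pte_t;

static bool private_mfn[NFRAMES];  /* frames holding vTPM secrets (vEK, vSRK, ...) */
static int  vtpm_owner = -1;        /* pid of the vTPM process allowed to touch them */

/* The vTPM registers its key-storage frames with the hypervisor-side module. */
void mmu_vtpm_register(int owner, const unsigned *mfns, size_t n) {
    memset(private_mfn, 0, sizeof private_mfn);
    vtpm_owner = owner;
    for (size_t i = 0; i < n; i++)
        if (mfns[i] < NFRAMES) private_mfn[mfns[i]] = true;
}

/* Derive the shadow PTE the hardware walks for process `pid` from the guest
 * PTE. Guest permissions are an upper bound; a private frame mapped by any
 * process other than the owner gets an empty (not-present) shadow entry, so
 * every read or write to it traps into the hypervisor instead of completing. */
pte_t mmu_vtpm_shadow(int pid, pte_t guest) {
    pte_t shadow = guest;
    if (guest.mfn < NFRAMES && private_mfn[guest.mfn] && pid != vtpm_owner)
        shadow.flags = 0;
    return shadow;
}

/* The MMU's own check against a shadow entry: present, and writable if writing. */
bool mmu_access_allowed(pte_t shadow, bool write) {
    if (!(shadow.flags & PTE_PRESENT)) return false;
    return !write || (shadow.flags & PTE_WRITE);
}

/* End-to-end decision: pid -> guest PTE -> shadow PTE -> MMU check. */
bool vtpm_mem_access(int pid, pte_t guest, bool write) {
    return mmu_access_allowed(mmu_vtpm_shadow(pid, guest), write);
}

/* ---- integrity measurement of the MMU-vTPM module itself ---------------- */
static uint64_t fnv1a64(const void *data, size_t n) {
    const unsigned char *p = data;
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x100000001b3ULL; }
    return h;
}

/* Static measurement: hash the module image once at load time and keep the digest. */
uint64_t measure_module(const void *image, size_t n) { return fnv1a64(image, n); }

/* Dynamic measurement: re-hash the live image and compare with the load-time digest. */
bool module_intact(const void *image, size_t n, uint64_t golden) {
    return measure_module(image, n) == golden;
}

/* Constructed demo data: not real frame numbers, pids or a real module image. */
static const unsigned KEY_FRAMES[] = { 2, 5 };
static const pte_t KEY_PTE    = { PTE_PRESENT | PTE_WRITE | PTE_USER, 2 };
static const pte_t DATA_PTE   = { PTE_PRESENT | PTE_WRITE | PTE_USER, 3 };
static const pte_t RO_KEY_PTE = { PTE_PRESENT | PTE_USER, 5 };
enum { VTPM_PID = 100, OTHER_PID = 200 };

bool demo_setup(void) {
    mmu_vtpm_register(VTPM_PID, KEY_FRAMES, 2);
    return vtpm_owner == VTPM_PID;
}

/* Flip one byte of a module image copy and check that re-measurement catches it. */
bool demo_tamper_detected(void) {
    unsigned char img[] = "MMU-vTPM module image (constructed)";
    uint64_t golden = measure_module(img, sizeof img);
    bool ok_before = module_intact(img, sizeof img, golden);
    img[4] ^= 0x01;
    return ok_before && !module_intact(img, sizeof img, golden);
}

int main(void) {
    demo_setup();
    printf("vTPM reads its key page:    %d\n", vtpm_mem_access(VTPM_PID, KEY_PTE, false));
    printf("other pid reads key page:   %d\n", vtpm_mem_access(OTHER_PID, KEY_PTE, false));
    printf("other pid writes data page: %d\n", vtpm_mem_access(OTHER_PID, DATA_PTE, true));
    printf("module tamper detected:     %d\n", demo_tamper_detected());
    return 0;
}
```

The deny decision is taken when the shadow entry is built, not on every access: because the shadow entry for a foreign mapping of a private frame is not-present, the hardware MMU faults and the hypervisor regains control, which is what lets the scheme stop reads as well as writes. The guest PTE still caps what the owner may do (the RO_KEY_PTE case), and the tamper check models the dynamic re-measurement that the abstract relies on to keep MMU-vTPM itself trustworthy.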
References
[1] WANG G F, LIU C Y, PAN H Z, et al. Survey on insider threats to cloud computing[J]. Chinese Journal of Computers, 2017, 40(2): 296-316. [DOI: 10.11897/SP.J.1016.2017.00296]
[2] ZHANG Y Q, WANG X F, LIU X F, et al. Survey on cloud computing security[J]. Journal of Software, 2016, 27(6): 1328-1348. [DOI: 10.13328/j.cnki.jos.005004]
[3] CHEN R, MU Y, YANG G, et al. BL-MLE: Block-level message-locked encryption for secure large file deduplication[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(12): 2643-2652. [DOI: 10.1109/TIFS.2015.2470221]
[4] LIN C, SU W B, MENG K, et al. Cloud computing security: Architecture, mechanism and modeling[J]. Chinese Journal of Computers, 2013, 36(9): 1765-1784. [DOI: 10.3724/SP.J.1016.2013.01765]
[5] SHEN C X, ZHANG H G, WANG H M, et al. Research on trusted computing and its development[J]. SCIENTIA SINICA Informationis, 2010, 40(2): 139-166.
[6] ALBELOOSHI B, SALAH K, MARTIN T, et al. Securing cryptographic keys in the IaaS cloud model[C]. In: Proceedings of the 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC). IEEE, 2015: 397-401. [DOI: 10.1109/UCC.2015.64]
[7] YU Z L, WANG Q, ZHANG W P, et al. A cloud certificate authority architecture for virtual machines with trusted platform module[C]. In: Proceedings of the 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS). IEEE, 2015: 1377-1380. [DOI: 10.1109/HPCC-CSS-ICESS.2015.268]
[8] CHANG D X, CHU X B, QIN Y, et al. TSD: A flexible root of trust for the cloud[C]. In: Proceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications. IEEE, 2012: 119-126. [DOI: 10.1109/TrustCom.2012.287]
[9] WAN X, XIAO Z T, REN Y. Building trust into cloud computing using virtualization of TPM[C]. In: Proceedings of the 2012 Fourth International Conference on Multimedia Information Networking and Security. IEEE, 2012: 59-63. [DOI: 10.1109/MINES.2012.82]
[10] XUE D L, WU X L, GAO Y W, et al. TrustVP: Construction and evolution of trusted chain on virtualization computing platform[C]. In: Proceedings of the 2012 Eighth International Conference on Computational Intelligence and Security (CIS). IEEE, 2012: 623-630. [DOI: 10.1109/CIS.2012.145]
[11] MASTI R J, MARFORIO C, CAPKUN S. An architecture for concurrent execution of secure environments in clouds[C]. In: Proceedings of the 2013 ACM Workshop on Cloud Computing Security. ACM, 2013: 11-22. [DOI: 10.1145/2517488.2517489]
[12] YAP J Y, TOMLINSON A. Para-virtualizing the trusted platform module: An enterprise framework based on Version 2.0 specification[C]. In: Trusted Systems - INTRUST 2013. Springer Cham, 2013: 1-16. [DOI: 10.1007/978-3-319-03491-1_1]
[13] PCI-SIG. Single Root I/O Virtualization[EB/OL]. http://www.pcisig.com/specifications/iov/Single_root/, 2017.
[14] LIANG X L, JIANG R, KONG H F. Secure and reliable VM-vTPM migration in private cloud[C]. In: Proceedings of the 2013 2nd International Symposium on Instrumentation and Measurement, Sensor Network and Automation (IMSNA). IEEE, 2013: 510-514. [DOI: 10.1109/IMSNA.2013.6743327]
[15] Trusted Computing Group. Virtualized trusted platform architecture specification[EB/OL]. https://trustedcomputinggroup.org/wp-content/uploads/TCG_VPWG_Architecture_V1-0_R0-26_FINAL.pdf, 2017.
[16] LIU C Y, WANG G F, LIN J, et al. Practical construction and audit for trusted cloud execution environment[J]. Chinese Journal of Computers, 2016, 39(2): 339-350. [DOI: 10.11897/SP.J.1016.2016.00339]
[17] LIU Q, WENG C L, LI M L, et al. An in-VM measuring framework for increasing virtual machine security in clouds[J]. IEEE Security & Privacy, 2010, 8(6): 56-62. [DOI: 10.1109/MSP.2010.143]
[18] ZHANG Y, FENG D G, YU A M. Virtual machine anonymous attestation in cloud computing[J]. Journal of Software, 2013, 24(12): 2897-2908. [DOI: 10.3724/SP.J.1001.2013.04389]
[19] LUO D J. Research on Key Issues in Cloud Computing Security Based on Trusted Computing[D]. Guangzhou: South China University of Technology, 2014. [DOI: CNKI:CDMD:1.2014.062821]
[20] DING Y, WANG H M, SHI P C, et al. Trusted cloud service[J]. Chinese Journal of Computers, 2015, 38(1): 133-149. [DOI: 10.3724/SP.J.1016.2015.00133]
[21] ZHU M, TU B B, MENG D. The security research of virtualization software stack[J]. Chinese Journal of Computers, 2017, 40(2): 481-504. [DOI: 10.11897/SP.J.1016.2017.00481]
[22] FENG D G, QIN Y, WANG D, et al. Research on trusted computing technology[J]. Journal of Computer Research and Development, 2011, 48(8): 1332-1349.
[23] Trusted Computing Group. TCG specification architecture overview, Version 1.2[EB/OL]. https://trustedcomputinggroup.org/wp-content/uploads/TPM-Main-Part-1-Design-Principles_v1.2_rev116_01032011.pdf, 2009.
[24] Trusted Computing Group. Trusted platform module specification, Family 2.0[EB/OL]. https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.38.pdf, 2017.
[25] BERGER S, CÁCERES R, GOLDMAN K A, et al. vTPM: Virtualizing the trusted platform module[C]. In: Proceedings of the 15th USENIX Security Symposium. Vancouver, Canada, 2006: 305-320.
[26] SCARLATA V, ROZAS C, WISEMAN M, et al. TPM virtualization: Building a general framework[C]. In: Trusted Computing. Vieweg+Teubner, 2007: 43-56. [DOI: 10.1007/978-3-8348-9452-6_4]
[27] Towards trustworthy virtualization environments: Xen library OS security service infrastructure[R]. Hewlett-Packard Laboratories, 2007: 43-51.
[28] MURRAY D G, MILOS G, HAND S. Improving Xen security through disaggregation[C]. In: Proceedings of the Fourth ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE '08). ACM, 2008: 151-160. [DOI: 10.1145/1346256.1346278]
[29] PLAQUIN D, CABUK S, DALTON C, et al. TPM virtualisation architecture document[R]. Open Trusted Computing, 2009.
[30] CHHABRA S, ROGERS B. SecureME: A hardware-software approach to full system security[C]. In: Proceedings of the International Conference on Supercomputing. ACM, 2011: 108-119. [DOI: 10.1145/1995896.1995914]
[31] CHAMPAGNE D. Scalable architectural support for trusted software[C]. In: Proceedings of the 2010 IEEE 16th International Symposium on High Performance Computer Architecture (HPCA). IEEE, 2010: 1-12. [DOI: 10.1109/HPCA.2010.5416657]
[32] HUA J, SAKURAI K. Barrier: A lightweight hypervisor for protecting kernel integrity via memory isolation[C]. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing. ACM, 2012: 1470-1477. [DOI: 10.1145/2245276.2232011]
[33] PAN W, ZHANG Y. Improving virtualization security by splitting hypervisor into smaller components[C]. In: Data and Applications Security and Privacy XXVI - DBSec 2012. Springer Berlin Heidelberg, 2012: 298-313. [DOI: 10.1007/978-3-642-31540-4_23]
[34] BUTTERWORTH J. BIOS chronomancy: Fixing the core root of trust for measurement[C]. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security. ACM, 2013: 25-36. [DOI: 10.1145/2508859.2516714]
[35] JIN X, WANG L N, YU R W, et al. Administrative domain: Security enhancement for virtual TPM[C]. In: Proceedings of the 2010 International Conference on Multimedia Information Networking and Security. IEEE, 2010: 767-771. [DOI: 10.1109/MINES.2010.162]
[36] DAI W Q. Research on Key Technologies of Building Trusted Execution Environment for Cloud Computing[D]. Wuhan: Huazhong University of Science and Technology, 2015.
[37] PEARSON S, SHEN Y, MOWBRAY M. A privacy manager for cloud computing[C]. In: Cloud Computing - CloudCom 2009. Springer Berlin Heidelberg, 2009: 90-106. [DOI: 10.1007/978-3-642-10665-1_9]
[38] YANG X, SHEN Q N, YANG Y H, et al. A way of key management in cloud storage based on trusted computing[C]. In: Network and Parallel Computing - NPC 2011. Springer Berlin Heidelberg, 2011: 135-145. [DOI: 10.1007/978-3-642-24403-2_11]
[39] WANG L N, REN Z W, DONG Y F, et al. A management approach to key-used times based on trusted platform module in cloud storage[J]. Journal of Computer Research and Development, 2013, 50(8): 1628-1636. [DOI: 10.7544/issn1000-1239.2013.20120554]
[40] SHI Y, ZHAO B, YU Z, et al. A security-improved scheme for virtual TPM based on KVM[J]. Wuhan University Journal of Natural Sciences, 2015, 20(6): 505-511. [DOI: 10.1007/s11859-015-1126-5]
[41] ZHENG S H. Design and Implementation of Hardware Virtual Machine[D]. Chengdu: University of Electronic Science and Technology of China, 2008.
[42] Intel Open Source Software Technology Center. System Virtualization: Principle and Implementation[M]. Beijing: Tsinghua University Press, 2009: 30-134.
[43] HUANG X, DENG L, SUN H, et al. Secure and efficient kernel monitoring model based on hardware virtualization[J]. Journal of Software, 2016, 27(2): 481-494. [DOI: 10.13328/j.cnki.jos.004866]
[44] WOJTCZUK R. Subverting the Xen hypervisor[EB/OL]. http://www.blackhat.com/presentations/bh-usa-08/Wojtczuk/BH_US_08_Wojtczuk_Subverting_the_Xen_Hypervisor.pdf, 2016.
[45] NIE C. Dynamic root of trust in trusted computing. TKK T-110.5290[R/OL]. http://www.tml.tkk.fi/Publications/C/25/papers/Nie_final.pdf, 2016.