期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于扩展LS^2的VMM动态度量形式化分析 被引量:1

Formally analyzing VMM dynamic measurement based on extended LS^2
原文传递
导出
摘要 虚拟机监控器(virtual machine monitor,VMM)动态度量是保障虚拟化环境安全的重要手段,但是目前VMM动态度量正确性缺乏理论分析。基于VMM动态度量流程,确立了动态度量正确性目标,明确了定义动态度量应满足的重要属性,从操作语法、语义及推理规则方面扩展安全系统逻辑(logic of secure systems,LS2),据此推导动态度量程序的不变性,验证VMM动态完整性度量应满足的正确性。结论分析表明,应用本文扩展的LS2方法分析得出的动态度量结论与该技术实际应用效果一致,说明扩展的LS2方法有效,可为虚拟化环境安全提供理论参考。 Dynamic measurement for Virtual Machine Monitor (VMM)is a vital means to guarantee virtualized envi-ronments security,but there is currently little theoretical analysis on the correctness of VMM dynamic measurement. Therefore,based on VMM dynamic measurement process,the correctness goal of dynamic measurement is established in this work,which also gave a clear definition of several important properties to be met during dynamic measurement. Meanwhile,Logic of Secure Systems (LS2 )is extended by the operating syntax,semantics and reasoning rules,where-by reasoning several procedure invariances,and then formally verifying the correctness of VMM dynamic integrity measurement.The analysis shows that model and analysis conclusions drawn from the extended LS2 coincide with prac-tical application effect,and that the extended LS2 is effective to provide security theoretical support for virtualized envi-ronments security.
作者 纪祥敏 赵波 向騻 夏忠林
机构地区 武汉大学计算机学院 福建农林大学计算机与信息学院 武汉大学空天信息安全与可信计算教育部重点实验室
出处 《山东大学学报(理学版)》 CAS CSCD 北大核心 2014年第9期1-8,23,共9页 Journal of Shandong University(Natural Science)
基金 国家"九七三"重点基础研究发展计划项目(2014CB340600) 国家自然科学基金重点项目(61332019) 国家自然科学基金资助项目(61173138 61272452) 湖北省重点新产品新工艺研究开发项目(2012BAA03004)
关键词 虚拟机监控器 动态度量 安全系统逻辑 virtual machine monitor dynamic measurement logic of secure systems
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献8

二级参考文献185

共引文献404

同被引文献11

  • 1沈昌祥,张焕国,王怀民,王戟,赵波,严飞,余发江,张立强,徐明迪.可信计算的研究与发展[J].中国科学:信息科学,2010,40(2):139-166. 被引量:253
  • 2Ali M, Khan S U, Vasilakos A V. Security in cloud computing: opportunities and challenges[-J~. Informa- tion Sciences, 2015, 305: 357-383.
  • 3Xu P, Chen H, Zou D, et al. Fine-grained and heter- ogeneous proxy re-encryption for secure cloud storage rJ~. Chinese Science Bulletin, 2014, 59 (32): 4201- 4209.
  • 4Zou D, Zhang W, Qiang W, et al. Design and imple- mentation of a trusted monitoring framework for cloud platforms[J]. Future Generation Computer Sys- tems, 2013, 29(8): 2092-2102.
  • 5Yu F, Zhang H, Zhao B, et al. A formal analysis of trusted platform module 2.0 hash-based message au- thentication code authorization under digital rights management scenario[J]. Security and Communica- tion Networks, 2015, 8: 2462-2476.
  • 6Berger S, Cdceres R, Goldman K A, et al. vTPM: virtualizing the trusted platform module[J]. Usenix Security, 2006, 15: 305-320.
  • 7IBM. Tpod[EB/OL]. [2015-07-12]. http://domi- no. research, ibm. com/comm/research people, nsf/ pages/taiga, reports, html/$ FILE/RT0564. pdf.
  • 8Zhang F, Wang J, Sun K, et al. HyperCheck: a hardware-assisted integrity monitor [J]. Dependable and Secure Computing IEEE Transactions on, 2013, 11(4) : 332-344.
  • 9Seol J, Jin S, Lee D, et al. A trusted IaaS environ- ment with hardware security module F J~. IEEE Trans on Services Computing, 2015(1): 1-14.
  • 10Jaeger T, Sailer R, Shankar U. PRIMA.. policy-re- duced integrity measurement architecture[C] // Pro- ceedings of the 11th ACM Symposium on Access Control Models and Technologies. LakeTahoe: Computer Science, 2006: 19-28.

引证文献1

二级引证文献3

山东大学学报(理学版)
2014年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部