摘要
文章分析可信计算硬件设备虚拟化需求,研究可信计算硬件设备虚拟化支持模式及其保障机制,提出确保虚拟机平台构建可信计算机制所需的密钥独立和完整性状态独立两条原则,并在分析I/O设备主要虚拟化机制基础上,提出两条可信计算硬件设备虚拟化关键保障机制:在虚拟化软件层确保安全的域间通信;可信计算硬件设备需具有可扩展的设备内部存储空间。
This paper analyzes the virtualization requirements of trusted computing hardware device, and studies the virtual support mode and assurance mechanism, and puts forward two principles of key independent principle and complete state independent principle that are needed when constructs trusted computing mechanism on virtual platform. On the basis of analyzing virtualization mechanisms of the main I/O equipments, this paper also puts forward two key virtualization assurance mechanisms of trusted computing hardware device: to ensure the secure inter-domain communication in the virtualization software layer; to ensure the trusted computing hardware device has an expandable internal storage space.
出处
《信息网络安全》
2015年第9期70-73,共4页
Netinfo Security
关键词
可信计算
虚拟化
保障机制
trusted computing
virtualization
assurance mechanism