
Research on Trusted Computing Device Virtualization Critical Assurance Mechanisms

Cited by: 3
Abstract: This paper analyzes the requirements for virtualizing trusted computing hardware devices and studies the modes for supporting such virtualization and their assurance mechanisms. It proposes two principles needed to build trusted computing mechanisms on a virtual machine platform: key independence and integrity-state independence. Building on an analysis of the main I/O device virtualization mechanisms, it also proposes two key assurance mechanisms for virtualizing trusted computing hardware devices: ensuring secure inter-domain communication in the virtualization software layer, and ensuring that the trusted computing hardware device has expandable internal storage space.

Source: Netinfo Security (《信息网络安全》), 2015, No. 9, pp. 70-73 (4 pages)

Keywords: trusted computing; virtualization; assurance mechanism