
Research on Several Key Issues in Cloud Computing Security Based on Trusted Computing (基于可信计算的云计算安全若干关键问题研究)

Research on Key Issues in Cloud Computing Security Based on Trusted Computing

[Author] Luo Dongjun (罗东俊)

[Advisor] Tang Shaohua (唐韶华)

[Author information] South China University of Technology, Information Security, 2014, Doctoral thesis

[Abstract (translated from the Chinese)] Cloud computing is an emerging model of computing service that, owing to its convenience, economy and high scalability, is rapidly being adopted across industries. By outsourcing computing tasks and data to cloud service providers, users greatly reduce their own computing and storage burden. At the same time, however, this means that users lose control over their computing tasks and data, so cloud computing security has become the primary issue affecting its development. Combining trusted computing technology with virtual machine technology, this thesis approaches the problem from the viewpoint of cloud infrastructure security and constructs a secure, efficient and general-purpose trusted cloud computing platform (TCCP) built on a trusted computing base (TCB). It studies four aspects of the TCCP: its security architecture, integrity measurement and protection, remote attestation, and unified identity authentication for cloud users, and makes the following innovative contributions:

1. Through a comprehensive analysis of platform integrity measurement and protection methods, the thesis explicitly proposes that dynamic integrity protection should be built on security policies, offering an important way forward for the current situation in which dynamic integrity measurement methods alone cannot guarantee the dynamic integrity of a system. To this end, an intransitive noninterference trust model is proposed based on the concept of noninterference, and from it a dynamic integrity protection model, the BIBA-BLP mandatory access control model, is derived to enforce information flow control between components of the TCCP. On this basis, drawing on the trust chain construction method of the PRIMA architecture, a pair of integrity protection frameworks for the TCCP is built: a static integrity protection framework and a dynamic integrity protection framework, which together guarantee the static integrity of the platform at boot time and its dynamic integrity at runtime. For the static integrity protection framework, using SRTM and DRTM technology under existing hardware and software environments, two trusted boot architectures are proposed, based on TrustedGRUB and TBoot (Trusted Boot) respectively; these extend the static and dynamic trust chains of the privileged domain Dom0, and on top of them the trusted boot chain of the user domains is then constructed. For the dynamic integrity protection framework, guided by the system's trust decision conditions, the implementation focuses on three security requirements of the trusted channel within the framework: integrity protection of the components in the trusted channel, access control between virtual domains, and secure storage of and access to sensitive data in virtual domains. Component integrity protection in the trusted channel is implemented by monitoring PTEs (Page Table Entities), which guarantees the dynamic integrity of insecure components in the channel; access control between virtual domains is implemented with the BIBA-BLP multilevel security policy for information flow control, which guarantees effective isolation of all virtual domains; and secure storage of and access to sensitive data in virtual domains is implemented with the OOAP authorization protocol proposed in this thesis, which ensures that every access to a protected object is authorized and prevents the known security vulnerabilities of existing authorization protocols. These three implementations satisfy the requirements of intransitive noninterference trust and achieve the goal of a platform that is trusted at runtime.

2. Based on trusted computing technology and a property-based signature mechanism, a simple, secure and efficient remote anonymous attestation protocol for the TCCP, the RAA-CCP protocol, is proposed. The protocol needs neither bilinear pairings nor property certificates nor AIK certificates, which greatly simplifies certificate management, and it attests the identity and the integrity state of a computing node at the same time. Analysis and experiments show that the protocol provides unforgeability, platform identity anonymity, configuration privacy and collusion resistance, and that it runs efficiently even at high security strength, thus meeting both the security and the performance requirements of remote attestation in a cloud environment. On this basis, a remote attestation protocol for user virtual domains and a vTPM migration protocol are then proposed. Remote attestation of a user virtual domain attests both the trustworthiness of the physical node hosting it and the trustworthiness of the domain itself; the vTPM migration protocol requires verification that the destination platform has at least the same security properties as the source platform before the migration proceeds under encryption, which secures both the migration process and the destination platform.

3. Based on the PGP trust model and the RAA-CCP protocol, a simple, secure and scalable unified identity authentication scheme for cloud users is proposed. In the form of a security middleware, the scheme provides strong identity authentication for every cloud service and readily implements single sign-on (SSO). In the scheme, public key management is merged with user management according to the PGP trust model, which is highly flexible, accommodates a continually growing number of users, and avoids the cumbersome certificate management of traditional PKI-based approaches; federated authentication without a central authority is implemented on the RAA-CCP protocol, so that cross-domain authentication no longer requires cross-certification by authorities, avoiding the heavy computation that PKI incurs in certificate path construction and certificate chain validation and greatly improving the efficiency of federated authentication. Analysis shows that the scheme has three key properties: simplicity, security and generality. Moreover, synchronizing the public key ring data further improves the scheme's efficiency and gives automatic load balancing across authentication servers, meeting the needs of identity authentication in a cloud environment.

In summary, building a trusted cloud computing platform by combining trusted computing and virtual machine technology establishes a genuinely trusted cloud environment and provides the assurance users need to truly benefit from the value of cloud computing. The results of this thesis not only support research on cloud computing security but also offer a reference for future research directions in trusted-computing-based security technology.

[Abstract] Cloud computing is a new computing service pattern. It is developing rapidly in industry for its advantages such as convenience, economy and high extensibility. Customers can outsource their computations and data to cloud providers, which greatly cuts down customers' costs for computation and storage. However, it also means the customers lose control of their computations and data, so cloud computing security is a vital problem that will affect its development. In this thesis, we propose a secure, efficient and multipurpose trusted cloud computing platform (TCCP) based on a trusted computing base (TCB) from the viewpoint of cloud infrastructure security. For this purpose, we combine trusted computing technologies with virtual machine technologies. We study the TCCP from four aspects: security architecture, integrity measurement and protection, remote attestation, and unified identity authentication for customers. The main contributions of this thesis are listed as follows.

1. By a rounded analysis of the methods of integrity measurement and protection, we clearly present the idea that dynamic integrity protection should be based on security policies, which provides an important direction for the current situation in which dynamic integrity measurements alone cannot ensure the dynamic integrity of a system. Hence, we propose an intransitive noninterference trusted model. Based on it, we propose a dynamic integrity protection model, the BIBA-BLP mandatory access control model, to enforce information flow control between components of the TCCP. Based on the BIBA-BLP model, and referring to the method of constructing trusted chains in PRIMA, we propose a suite of integrity protection frameworks for static and dynamic integrity protection. They ensure the integrity of the TCCP at boot time and at runtime. For the static integrity protection framework, we separately propose two trusted boot frameworks based on TrustedGRUB and TBoot (Trusted Boot), adopting SRTM and DRTM technologies under existing hardware and software environments. They are used to extend the static and dynamic trusted chains of the privileged domain Dom0. Subsequently, we construct a trusted chain for the user domain DomU. For the dynamic integrity protection framework, we implement it mainly from three security demands of its trusted channel according to the trusted decision conditions: the integrity protection of components in the trusted channel, the access control between domains, and the secure storage of and access to sensitive data in domains. For the first, we implement it by monitoring PTEs (Page Table Entities), which ensures the dynamic integrity of insecure components in the channel. For the second, we implement it by adopting the multilevel security policies of the BIBA-BLP model to enforce information flow control, which ensures the effective separation of domains from each other. For the third, we implement it by adopting a novel authorization protocol proposed in this thesis, the OOAP protocol, which ensures legal access to all protected objects and avoids the known security leak in existing authorization protocols. These three implementations satisfy the trusted decision conditions of the intransitive noninterference trusted model and ensure that the TCCP is trusted at runtime.

2. Based on trusted computing technologies and a property-based signature mechanism, we propose an elegant, secure, efficient and anonymous remote attestation protocol for TCCPs, namely the RAA-CCP protocol. The protocol needs neither bilinear pairings nor property certificates nor AIK certificates, which greatly simplifies certificate management. It concurrently achieves identity attestation and integrity state attestation for computing nodes. Analyses and experiments show that the protocol satisfies the properties of non-forgeability, anonymity of platform identity, protection of configuration privacy and resistance to collusion, and has fine performance even under strong security. It well satisfies the security and performance demands of remote attestation in cloud surroundings. Then, based on it, we propose a protocol of remote attestation for user domains and a vTPM migration protocol. The remote attestation protocol attests to the physical node running the user domain as well as to the user domain itself. The vTPM migration protocol requires the destination platform to satisfy at least the same security properties as those of the source platform, and then allows the vTPM instance to be migrated under encryption. This ensures the security of the migration process and of the destination platform.

3. Based on the PGP trust model and the RAA-CCP protocol, we propose an elegant, secure and scalable scheme for unified identity authentication of cloud users. The scheme is capable of providing strong identity authentication for all cloud services and easily achieves Single Sign-On (SSO) in the form of a middleware. In the scheme, user management is combined with public-key management through the PGP model, which is very flexible for the increase of cloud users and avoids the exhaustive certificate management of traditional PKI. Based on the RAA-CCP protocol, the scheme implements alliance authentication without centers, so that a cross-domain authentication no longer requires cross-certification between CAs, and avoids massive computations when building certificate paths and verifying the validity of certificate chains. It thus greatly raises the efficiency of alliance authentication. Analyses show the scheme satisfies the properties of easiness, security and universality. In addition, the scheme will be more efficient if the data in the public-key rings are kept synchronized, in which case the balance of load on authentication servers is achieved automatically. The scheme well satisfies the demands of identity authentication in cloud surroundings.

In short, we set up truly trusted cloud computing surroundings by combining trusted computing technologies with virtual machine technologies to build TCCPs, which ensures that cloud users are indeed able to enjoy cloud computing. The achievements in this thesis not only promote research on cloud computing security, but also provide a reference for work based on trusted computing.
