摘要: 云计算环境下,服务资源分布广泛、迁移频繁,资源之间的信任关系不易建立与维护。传统的可信计算远程验证方法存在性能瓶颈和计算复杂等问题。在研究云服务资源信任验证方法的基础上,提出一种属性协商的远程验证方法。采用环签名算法和基于属性的敏感信息保护机制,提高了信任验证计算效率,减小了敏感信息泄露的风险。设计的安全模型证明了方法的安全性。通过Hadoop平台下的实验,验证了方法的有效性和可行性。
[1] Santos N,Krishna P.Towards Trusted Cloud Computing[A]∥HotCloud’09Proceedings of the 2009conference on Hot topics in cloud computing,2009[C].CA,USA:USENIX,2009:22 [2] Armbrust,Michael,Fox,et al.A view of cloud computing[J].Communication of the ACM,2010(4):50-58 [3] Trusted Computing Group.Trusted Computing Platform Alli-ance main specification version 1.1b[EB/OL].http//www.Trustedcomputinggroup.org,2011-11 [4] Trusted Computing Group.Trusted Computing Platform Alli-ance main specification version 1.2[EB/OL].http//www.Trustedcomputinggroup.org,2012-08 [5] Brickell E,Chen Li-qun,Li Jiang-tao.A New Direct Anonymous Attestation Scheme from Bilinear Maps[J].Lecture Notes in Computer Science,2008(4968/2008):166-178 [6] Chen Li-qun.A DAA scheme requiring less TPM resources[J].Lecture Notes in Computer Science,2011(6151):350-365 [7] 周彦伟,吴振强,蒋李.分布式网络环境下的跨域匿名认证机制[J].计算机应用,2010(08):2120-2124 [8] Haldar V,Chandra D,Franz M.Semantic Remote Attestation-A Virtual Machine directed approach to Trusted Computing[A]∥USENIX Virtual Machine Research and Technology Symposium[C].2004 [9] Chen Li-qun,Lhr H,Manulis M.Property-Based Attestationwithout a Trusted Third Party[J].Lecture Notes in Computer Science,2008(5222):31-46 [10] 刘吉强,赵佳,赵勇.可信计算中远程自动匿名证明的研究[J].计算机学报,2009(7):1304-1310 [11] Bender A,Katz J,Morselli R.Ring Signatures:Stronger Definitions,and Constructions without Random Oracles[J].Journal of Cryptology,2009(1):114-138 [12] Zou De-qing,Du Shang-xin,Zheng Wei-de,et al.Building Automated Trust Negotiation architecture in virtual computing environment[J].Journal of Supercomputing,2011(1):69-85 [13] 陈小峰,冯登国.一种多信任域内的直接匿名证明方案[J].计算机学报,2008(07):1122-1128 [14] Brickell E,Chen L,Li J.A New Direct Anonymous Attestation Scheme from Bilinear Maps[C]∥LNCS 4968. Springer-Verlag,2008:166-178 |
No related articles found! |
|