TPM context manager and dynamic configuration management for trusted virtualization platform |
| |
Authors: | Yu Qin Dengguo Feng Chunyong Liu |
| |
Institution: | [1]Institute of Software, Chinese Academy of Science/StateKey Laboratory of Information Security, Beijing 100080, China [2]College of Computer Science and Technology, ChongqingUniversity, Chongqing 400030, China |
| |
Abstract: | It is absolutely critical that trusted configuration management which significantly affects trust chain establishment, sealing
storage and remote attestation, especially in trusted virtualization platform like Xen whose system configuration changes
easily. TPM (trusted platform module) context manager is presented to carry out dynamic configuration management for virtual
machine. It manages the TPM command requests and VM (virtual machine) configurations. The dynamic configuration representation
method based on Merkle hash tree is explicitly proposed against TCG (trusted computing group) static configuration representation.
It reflects the true VM status in real time even if the configuration has changed, and it eliminates the invalidation of configuration
representation, sealing storage and remote attestation. TPM context manager supports TCG storage protection, remote attestation
etc, which greatly enhances the security on trusted virtualization platform.
Foundation item: Supported by the National High Technology Research and Development Program of China (2007AA01Z412) |
| |
Keywords: | trusted computing TPM (trusted platform module) trusted virtualization configuration representation configuration management |
本文献已被 维普 SpringerLink 等数据库收录! |
|