摘要
创新点
-
1
提出可信执行环境构建机制, 通过将传统的动态可信度量根虚拟化, 同时为多个云服务虚拟机构建可信执行环境;
-
2
提出安全回滚机制, 保持云服务安全状态的一致性, 使得云租户不会因为云服务的回滚而导致安全状态丢失;
-
3
提出虚拟机组安全构建机制, 保持云服务安全状态的一致性, 使得云服务提供商不会因为虚拟机的加入、 退出和迁移而丢失对虚拟机安全状态的追踪;
-
4
提出栈数据立即更新机制和栈数据实时更新机制, 通过动态软件升级系统, 保证了服务在更新过程中的可靠性和持续性;
-
5
提出云平台中离线镜像更新机制, 通过镜像离线更新系统, 避免了离线镜像更新所产生的大部分开销。
References
Tsai W T, Bai X Y, Huang Y. Software-as-a-service (SaaS): perspectives and challenges. Sci China Inf Sci, 2014, 57: 051101
Dai W Q, Jin H, Zou D Q, et al. TEE: a virtual DRTM based execution environment for secure cloudend computing. Future Gener Comput Syst, 2015; 49: 47–57
Dai WQ, Paul P T, Jin H, et al. Enhancing data trustworthiness via assured digital signing. IEEE Trans Depend Secure Comput (TDSC), 2012; 9: 838–851
Shi L, Zou D Q, Jin H. Xen Virtualization Technology (in Chinese). Wuhan: Huazhong University of Science and Technology Press, 2009
Jin H. The Virtualization of Computing System Principles and Applications (in Chinese). Beijing: Tsinghua University Press, 2008
Zou D Q, Qiang WZ, Jin H. The Principles and Application of Trusted Computing Technology (in Chinese). Beijing: Science Press, 2011
Chen G, Jin H, Zou D Q, et al. A framework for practical dynamic software updating. IEEE Trans Parallel Distrib Syst, 2016; 27: 941–950
Liu K, Zou D Q, Jin H. UaaS: software update as a service for the IaaS cloud. In: Proceedings of IEEE International Conference on Services Computing, Chicago, 2015. 483–490