為了滿足電腦使用者對於資料安全的需求,世界各國的公司組成了一個可信任運算組織(Trusted Computing Group)專門制定各種安全標準,其中對於可信任的平台制定了可信任平台模組(Trusted Platform Module),以此開發的晶片做為可信任基礎,確保平台的完整性以及可信性,進而能夠保護系統上其他元件與資料的完整性。 隨著雲端運算的快速發展,各種不同的應用如雨後春筍般冒出,來自各方的新創公司與使用者更是源源不絕的投入雲端市場。雲端服務的提供商為了滿足眾多使用者的需求,必須不斷增加自己的硬體設備,並透過虛擬化的技術來調整所提供的資源。為了讓使用者在雲端環境中也能使用可信任平台模組的功能,所以近年發展了虛擬的可信任平台模組(virtual TPM),讓同一台實體機器上的虛擬機都能享有TPM帶來的好處。 因為負載平衡、系統升級或資源調配等等軟體或硬體的原因,虛擬機需要在不同的主機之間遷移,以達到最好的運用。對於使用vTPM的虛擬機,在遷移時需要將虛擬機與vTPM一同做遷移。為了保持虛擬機在遷移的每個階段都是安全的,遷移時需要建立安全通訊管道,並確認遷移的目的端是否為可信任的,保護用戶資料的安全。 目前的通訊協定在遷移時只能做到二元的判斷,對於遷移的環境沒有更詳細的檢查,由於被遷移的虛擬機可能會需要較良好的安全性,把虛擬機遷移至舊版存有漏洞的系統環境下,則會對該虛擬機的安全性造成危害。若是在遷移時能對於遷移的環境有精細的確認,比如使用的系統、版本或地點,則可以對虛擬機的安全有較安全的保障。 本論文提出一安全VM-vTPM遷移機制,對於在雲端環境使用vTPM的使用者不需擔心VM的安全等級下降。在新主機加入時會對其各方面的屬性做確認,並給予相對應的基於屬性的加密金鑰。在遷移的過程中,會使用該金鑰對遷移的目的端進行驗證,確保目的端不僅是可信任的一方,所達到的安全等級也滿足遷移來源端的要求。;Trusted Computing Group formed by international industries develops specifications for security problems, including specification of Trusted Platform Module (TPM). Platforms built on TPM could treat it as the base of trusted computing, and then protect data confident and integrity on the platform. Cloud computing developed rapidly in recent years. There are a lot of companies, developers and users join this market. Fulfilling the massive requirements from client, cloud service providers would expand the hardware resources and use virtualization technology to reach maximum usage of these resources. The virtualization technology for TPM, called virtual TPM, provides trusted computing for every virtual machine on the same platform. VMs would be migrated between different hosts for load balancing, system upgrade and other reasons. The virtual machines which have vTPM need to be migrated together. In order to keep the security of the VM and vTPM, there is need to build a secure channel and check the destination authority before migration. Current migration protocols only check the destination of migration can be trusted or not. The platform of destination runs an old and vulnerable system decreases the secure requirements of the VM migrated to the platform. It should check the property of platform before migration. In this paper, we propose a secure VM-vTPM migration protocol for keep VM secure level after migration. Before a new hosts join to the cloud service, its property would be checked and given a property-based key. In the migration stage, platform of the source would use the key to verify the platform of destination is fulfilled of the secure level.
