基于可信计算机制的云计算盲数据处理

山东大学学报(工学版) ›› 2012, Vol. 42 ›› Issue (5): 30-34.

基于可信计算机制的云计算盲数据处理

季涛,李永忠

江苏科技大学计算机科学与工程学院, 江苏镇江 212003

收稿日期:2012-05-10 出版日期:2012-10-20 发布日期:2012-05-10
作者简介:季涛(1985- ),男,江苏常州人,硕士研究生,主要研究方向为网络与信息安全. E-mail: taojust@gmail.com
基金资助:
江苏省高校自然科学基金资助项目(05KJD52006);江苏省研究生培养创新工程资助项目(CXZZ12-0722);江苏科技大学科研资助项目(2005DX006J);江苏科技大学研究生科技创新计划项目

Blind data processing in cloud computing based on trusted computing mechanisms

JI Tao, LI Yong-zhong

Department of Computer Science and Engineering, Jiangsu University of Science and Technology, Zhenjiang 212003, China

Received:2012-05-10 Online:2012-10-20 Published:2012-05-10

摘要/Abstract

摘要： 针对云计算环境下数据处理时敏感数据易受非授权访问和非法篡改的问题,提出一种基于可信计算机制的盲数据处理方法。首先利用可信平台模块在云计算环境中建立可信根,确保敏感数据与云计算系统状态相绑定;然后构建盲数据处理环境,通过可信平台模块加密云间传输的信息,进行系统完整性度量和远程验证;最后采用椭圆曲线加密算法完成从源端到目标端的数据迁移。分析结果表明该方法可以为云计算数据处理提供安全的执行环境。

关键词: 云计算, 可信计算, 可信平台模块, 完整性度量, 盲数据处理

Abstract: Aimed at solving the problem that sensitive data was subjected to unauthorized access and illegal tampering during data processing in cloud computing environment, a new approach called blind data processing based on trusted computing mechanisms was proposed. First, the root of trust in cloud computing environment was established by using trusted platform module(TPM) to ensure that the sensitive data was bound to a particular state of a cloud computing system. Then, the blind data processing environment was constructed. The messages transmitted over the cloud were encrypted by using TPM. The system integrity was measured and the remote attestation was carried out. Data migration from the source to the target side was completed by using elliptic curve cryptographic algorithms. The analysis showed that the secure execution environment for data processing in cloud computing was provided by the proposed approach.

Key words: cloud computing, trusted computing, trusted platform module, integrity measurement, blind data processing

中图分类号:

TP393.08

季涛,李永忠. 基于可信计算机制的云计算盲数据处理[J]. 山东大学学报(工学版), 2012, 42(5): 30-34.

JI Tao, LI Yong-zhong. Blind data processing in cloud computing based on trusted computing mechanisms[J]. JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2012, 42(5): 30-34.

参考文献

多维度评价

Viewed

Full text

Abstract

Cited

Shared

Discussed

[1]	何东之, 张吉沣, 赵鹏飞. 不确定性传播算法的MapReduce并行化实现[J]. 山东大学学报(工学版), 2015, 45(5): 22-28.
[2]	陈宏兴, 周风余, 田天, 姜志飞, 陈竹敏. 服务机器人云计算平台SOA接口层模型设计[J]. 山东大学学报(工学版), 2015, 45(4): 31-39.
[3]	田国会, 许亚雄. 云机器人:概念、架构与关键技术研究综述[J]. 山东大学学报(工学版), 2014, 44(6): 47-54.
[4]	张伶卫,万文强. 基于云计算平台的代价敏感集成学习算法研究[J]. 山东大学学报(工学版), 2012, 42(4): 19-23.
[5]	孟祥旭，刘士军，武蕾，潘丽. 云制造模式与支撑技术[J]. 山东大学学报(工学版), 2011, 41(5): 13-20.