摘要
本文在利用可信计算技术的基础上,结合分布式门限存储思想,提出了一种容灾系统的安全增强体制。该体制引用了嵌有可信平台模块的可信计算平台,这种具有安全存储、远程证明等优势特性的平台有效保证了容灾终端的高可信性;为了保障信息数据的存储安全性,则采用基于Erasure码的分布式门限存储的安全增强技术,该技术不仅能解决海量数据的存储问题,而且可以较好地防止单点失效、减轻在容灾过程中网络负载以及解决联合欺骗等安全问题。因此,通过应用这些安全增强技术,可以为容灾系统中的海量数据提供全面的安全保护。
A kind of data protection scheme based on trusted computing is proposed, which combines trusted computing with distributed store. This scheme takes advantage of trusted computing platform with trusted computing module, wbicb is provided with such excellent lfeatures as security storage, remote attestation, and so on. Those features solve the problem whether the terminal of tolerance disaster is trustworthy; Furthermore, distributed storage based on Erasure code not only disposes the problem about a great deal of data, but also preferably avoids one node's invalidation, alleviates network load and deals with joint cheat. So, those security enhancement technologies provide the perfect protection witb mass data during the course of disaster tolerance.
出处
《微计算机信息》
2009年第24期44-46,共3页
Control & Automation
