Abstract
Security attestation in trusted cloud computing is an identification process that incorporates integrity verification, and at the same time provides the verifier with a report on the trusted state of the cloud platform. Introducing the remote attestation technology of the trusted computing standards into the field control environment can effectively improve the security and trustworthiness of device status reports. The Merkle hash tree based security attestation scheme designed in this paper, together with its modules, ensures that devices actively and periodically send their platform running state to the management center, and reduces storage overhead and computation cost, which relieves the computational load on the management center. In addition, a timestamp is bound to the integrity report to ensure the freshness of the attestation, which makes the responder's attestation more proactive while preserving the integrity of the attestation information. Experiments show that the proposed security attestation method reduces the number of interaction rounds between the two parties and improves attestation efficiency. In summary, the security attestation method based on the Merkle hash tree can ensure the integrity of cloud computing authentication and security attestation.
Source
《激光杂志》
Peking University Core Journal
2016, Issue 11, pp. 122-127 (6 pages)
Laser Journal
Funding
Funded by the Jiangsu Province Higher Vocational Colleges Domestic Senior Visiting Scholar Program (2013fx096)
Keywords
cloud computing
Merkle hash tree
trusted computing
optimal solution
security certificate