中圖分類號： TP393
文獻標識碼： A
DOI： 10.19358/j.issn.2096-5133.2020.06.008
引用格式： 趙軍，王曉. 云環境下國產可信根TCM虛擬化方案研究[J].信息技術與網絡安全，2020，39(6)：44-48，67.

Research on virtualization scheme of domestic trusted root TCM in cloud environment

Abstract： Applying trusted computing technology to cloud environment is an effective way to ensure cloud security. The trusted cryptography module(TCM) of domestic trusted computing is suitable for single platform, but can not provide security and credibility guarantee for cloud platform with multi virtual machines. Aiming at this problem, the virtualization scheme of TCM is studied, and the architecture of cloud TCM(C-TCM) is constructed. In the physical environment of C-TCM, host trusted root and virtual trusted root are constructed, which provide trusted services for physical host and virtual machine respectively. At the same time, virtual trusted root management mechanism is deployed in the virtual machine monitor layer to realize the resources sharing of C-TCM hardware. This scheme can effectively guarantee the security and credibility of the cloud platform.

Key words : cloud security；trusted computing；the virtualization of trusted cryptographic module TCM；the architecture of cloud trusted root C-TCM