基于动态信任根的虚拟机监控器动态完整性度量架构

摘要

现有虚拟机监控器（ VMM）动态完整性度量架构在度量信任根的安全性方面存在问题，同时没有综合考虑VMM中需要进行完整性度量的数据，为此提出了一种基于动态信任根的VMM动态完整性度量架构。采用基于AMD的安全虚拟机技术构建动态信任根，可以实现对度量程序加载执行前的完整性度量；同时构建封闭独立的执行环境，从而可以有效地解决度量信任根的问题。通过分析VMM运行时的内存状态，对所有需要进行完整性保护的静态持久化数据进行完整性度量，从而可以保证度量内容的完备性。同时给出该架构在Xen上的实现。实验结果表明，该架构可以有效地解决度量信任根的问题，并且对度量内容具有良好的扩展性，从而保证度量内容的完备性；此外，该度量架构与现有架构HyperCheck-SMM相比有23.3'的性能提升。%There are problems in the existing Virtual Machine Monitor ( VMM ) dynamic integrity measurement architecture, such as the security of the root of trust for measurement, and not considering the data that needs to be used in the VMM for integrity measurement. A new architecture of dynamic integrity measurement architecture for VMM based on dynamic root of trust was presented in this paper. By using secure virtual machine to construct the dynamic root of trust for measurement based on AMD, it could realize the integrity measurement program before execution, and built a closed independent execution environment, which could effectively solve the problem of the root of trust for measurement. By analyzing the memory state of the runtime VMM, it could measure the integrity of all the static persistent data that needed to be protected for guaranteezing the completeness of measurement content. The architecture was implemented on Xen. The experimental results show that the architecture can effectively solve the problem of root of trust for measurement, while ensuring the extensibility of the measurement content to guarantee its completeness, in addition, the measurement architecture can achieve 23. 3' performance boost compared with HyperCheck-SMM.