Research on the trusted environment of container cloud based on the TPCM
Container technology is a lightweight operating system virtualization technology that is widely used in cloud computing environments and is a research hotspot in the field of cloud computing. The security of container technology has attracted much attention. A method for constructing a trusted environ...
Main Authors: | Guojie LIU, Jianbiao ZHANG, Ping YANG, Zheng LI |
---|---|
Format: | Article |
Language: | English |
Published: | POSTS&TELECOM PRESS Co., LTD, 2021-08-01 |
Series: | 网络与信息安全学报 |
Subjects: | |
Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2021068 |
_version_ | 1841529779773243392 |
---|---|
author | Guojie LIU Jianbiao ZHANG Ping YANG Zheng LI |
collection | DOAJ |
description | Container technology is a lightweight operating system virtualization technology that is widely used in cloud computing environments and is a research hotspot in the field of cloud computing. The security of container technology has attracted much attention. A method for constructing a trusted environment for the container cloud using active immune trusted computing was proposed, and its security meets the requirements of network security level protection standards. First, container cloud servers were measured through the TPCM, and a trust chain from the TPCM to the container's operating environment was established. Then, by adding the trusted measurement agent of the container to the TSB, the trusted measurement and trusted remote attestation of the running process of the container were realized. Finally, an experimental prototype based on Docker and Kubernetes was built and experiments were conducted. The experimental results show that the proposed method can ensure the credibility of the boot process of the cloud server and the running process of the container and meet the requirements of the network security level protection standard evaluation. |
format | Article |
id | doaj-art-335387e3d3e941948c82ff22aad56c43 |
institution | Kabale University |
issn | 2096-109X |
language | English |
publishDate | 2021-08-01 |
publisher | POSTS&TELECOM PRESS Co., LTD |
record_format | Article |
series | 网络与信息安全学报 |
title | Research on the trusted environment of container cloud based on the TPCM |
topic | trusted computing trusted boot trusted measurement remote attestation |
url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2021068 |