CN104092733B - A trusted distributed file system based on HDFS - Google Patents

A trusted distributed file system based on HDFS

Info

Publication number: CN104092733B
Authority: CN (China)
Prior art keywords: remote, data, module, platform, remote proving
Legal status: Active (as listed by Google Patents; not a legal conclusion)
Application number: CN201410281244.1A
Other languages: Chinese (zh)
Other versions: CN104092733A
Inventors: 刘发贵, 张晓杰, 王亮明, 石明, 郭小军
Current assignee: South China University of Technology SCUT
Original assignee: South China University of Technology SCUT
Priority date: 2014-06-20
Filing date: 2014-06-20
Publication date: 2014-10-08 (CN104092733A), 2018-09-14 (CN104092733B)
Events: application filed by South China University of Technology SCUT; priority to CN201410281244.1A; publication of CN104092733A; application granted; publication of CN104092733B; legal status Active

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a trusted distributed file system based on HDFS, comprising a remote attestation module and a data sealing module. The remote attestation module comprises a remote attestation module based on the Integrity Measurement Architecture (IMA), a remote procedure call remote attestation module and a socket connection remote attestation module; the data sealing module seals data after remote attestation fails. The beneficial effect of the invention is that a trusted security mechanism is added to the HDFS distributed file system, so that entity nodes exchanging data can confirm the trustworthiness of the peer they interact with, the system is prevented from connecting to untrusted addresses after its integrity has been compromised, and data is sealed after remote attestation fails so that it is not leaked.

Description

A Trusted Distributed File System Based on HDFS

Technical field

The invention relates to the field of trusted computing, in particular to a trusted distributed file system based on HDFS.

Background

With the rapid development and wide adoption of information technology in recent years, data volumes have grown exponentially, and large companies such as Google, Yahoo and Amazon face the challenge of massive data. Google led the way with the Google File System (GFS) and MapReduce for storing and processing massive data; these attracted wide attention and quickly gave rise to an open-source counterpart, Hadoop. After several years of rapid development, Hadoop has become an important part of the basic computing platform of Internet companies; large domestic enterprises such as Tencent, Baidu and Alibaba, as well as foreign companies such as Twitter and Facebook, run their own customized versions. Hadoop is designed for offline processing and large-scale data analysis; for write-once, read-many workloads its efficient implementation and stable performance have earned it wide support and use in Internet enterprises.

Alongside the vigorous growth of cloud computing, many critical problems have been encountered, and security problems are especially prominent. Hadoop's distributed storage system is the Hadoop Distributed File System (HDFS), which consists of entity nodes such as the namenode, the secondary namenode, the datanodes and the DFS client. The namenode stores the namespace image (fsimage) and the edit log (edits) of the distributed file system and keeps the file system tree, with all files and directories in it, in memory. The datanodes are where data blocks are actually stored; the default replication factor is 3, and replicas are synchronized when a block is read or written. The secondary namenode merges fsimage and edits and sends the merged result back to the namenode. The DFS client is the object through which HDFS applications, which normally obtain a DistributedFileSystem instance to talk to HDFS, actually interact with the namenode and the datanodes. These entity nodes constantly interact through remote procedure calls, TCP streaming of data and HTTP streaming of data, and how to guarantee that these exchanges are secure and reliable has gradually drawn attention. Because Hadoop is deployed on a LAN behind a firewall, the security mechanisms added after version 1.0 mainly serve to support multi-user collaboration inside the LAN. With the rise of advanced persistent threats (APT), however, the barrier a firewall provides has become increasingly inadequate.

Many methods and ideas have emerged for addressing cloud computing security. Applying trusted computing technology to the cloud environment to solve the security problems met by cloud applications is a major research focus in cloud security. The purpose of trusted computing is to protect the most sensitive information, such as private keys and symmetric keys, from being stolen or used by malicious code. In contrast to Hadoop's assumption that the environment sits behind a secure firewall, trusted computing assumes that software may be compromised while in use and protects the sensitive keys when an attack occurs. The Trusted Platform Module (TPM) defined by the Trusted Computing Group (TCG) is an embedded security subsystem placed in a computer. The TCG chip protects the endpoint mainly through public-key authentication, integrity measurement and remote attestation. By checking changes in the PCR measurement values, a platform with a TPM can detect the presence of malicious programs such as spyware and Trojans, and once malicious code is found the platform can have the TPM refuse to decrypt sensitive data or to sign or decrypt with the private key. Because the TPM owner's protected private key never leaves the TPM and is not disclosed, any attempt to obtain it is infeasible.

Summary of the invention

Against the background of the rapid adoption of distributed systems and trusted computing, the invention studies how to integrate trusted computing into distributed systems to solve their security problems, and proposes a solution that uses trusted computing technology, in particular remote attestation and data sealing, to address the security of a distributed file system. The specific technical solution is as follows.

The technical solution of the invention is:

A trusted distributed file system based on HDFS comprises a remote attestation module and a data sealing module. The remote attestation module comprises: a remote attestation module based on the Integrity Measurement Architecture (IMA), which performs remote attestation of platform state between entity nodes and verifies platform integrity; a remote procedure call (RPC) remote attestation module, which performs remote attestation when an RPC connection is established between HDFS entity nodes, ensuring the integrity of the RPC initiator's platform state; and a socket connection remote attestation module, which performs remote attestation when an entity node connects to an untrusted address, so that platform data is not leaked. The data sealing module seals data after remote attestation fails: a symmetric key is sealed to PCR values and the data is encrypted with that symmetric key, so that the data can be decrypted only when the platform is in a trusted state, ensuring that it is not leaked.

Further, in the above solution, the RPC remote attestation module performs the following steps. First, the RPC requester initiates a socket connection request to the RPC port of the RPC server. After the server accepts the connection, the requester sends the RPC header together with a nonce n encrypted with the server's public key. The server decrypts n with its private key and returns the value of platform configuration register PCR10, the nonce n and the measurement list to the requester. The requester verifies the received data and determines whether the peer is in a trusted platform state, that is, confirms the integrity of the peer's platform state.

The socket connection remote attestation module performs the following steps. First, a user process issues the socket connect system call, passing the connection address as a parameter. The system call then checks whether the address is in the trusted address list. If it is not, it checks whether the trusted agent process has started; if so, it sends the connection address to the trusted agent process, otherwise it returns an error directly.

The data sealing module performs the following steps. Remote attestation is carried out first. If it succeeds, an AES key is generated and sealed to the designated platform configuration register (PCR), and the sealed data is exported to disk. If remote attestation fails, the data is encrypted with the key and the key is discarded once encryption completes, so that only the sealed copy remains, which can be unsealed only when the PCR returns to the trusted value.

Remote attestation is based on the static measurement list of the Integrity Measurement Architecture (IMA).

Data sealing seals the AES key and encrypts the data with the AES key, avoiding the loss of efficiency that encrypting the data directly with an RSA key would cause.

The invention inserts a remote attestation step before the normal communication between entity nodes; data exchange is permitted only when remote attestation and dynamic measurement show that the peer entity node is trusted. When an entity node makes a socket connect system call to an address that is not trusted, remote attestation is performed and the connection is allowed only if it passes, so that a node whose integrity has been compromised cannot transmit data to an intruder's machine. After remote attestation fails, the data on the entity node is sealed to prevent leakage. The invention can thus attest each entity remotely, block socket connections to untrusted addresses after system integrity has been compromised, and seal data after remote attestation fails, realizing a practical trusted distributed file system.

Compared with the prior art, the beneficial effects of the invention are:
1. After traditional binary remote attestation fails, a data sealing mechanism protects the data.
2. Remote attestation and data sealing are added to remote procedure calls, so that every interacting entity node in the distributed file system receives the trust guarantees provided by IMA and the TPM.
3. During socket connection, a connect operation to an untrusted address triggers remote attestation, so that an intruder cannot connect over the network to an attacker-controlled server and transmit local data to it directly.
4. On top of the trusted distributed file system, a network disk application was designed and implemented; tailored to the characteristics of the trusted distributed file system, it can be customized for further security.

Description of drawings

Figure 1 is a schematic diagram of the composition of the invention;

Figure 2 is the design diagram of the IMA-based platform state remote attestation module;

Figure 3 is the design diagram of the remote procedure call remote attestation module;

Figure 4 is the design diagram of the socket connection remote attestation module;

Figure 5 is the design diagram of the data sealing module.

Detailed description

The invention is further described below with reference to the drawings, but its implementation and protection are not limited to them. Any symbol or process not specifically explained below can be implemented by a person skilled in the art with reference to the prior art.

Embodiment 1

As shown in Figure 1, the design of a trusted distributed file system based on HDFS comprises a remote attestation module and a data sealing module. The remote attestation module comprises: a remote attestation module based on IMA, which supplies the activation credential when a requester establishes a connection, i.e. evidence that the requester holds a legitimate TPM; an RPC remote attestation module, which performs remote attestation when an RPC connection is established between HDFS entity nodes, ensuring the integrity of the RPC initiator's platform state; and a socket connection remote attestation module, which performs remote attestation when an entity node connects to an untrusted address, so that platform data is not leaked. The data sealing module seals data after remote attestation fails: the symmetric key is sealed to PCR values and the data is encrypted with that key, so that the data can be decrypted only when the platform is in a trusted state, ensuring that it is not leaked.

As shown in Figure 2, the IMA-based remote attestation module has two parties, the challenger and the attester. The challenger sends a nonce to the attester; the attester signs the nonce and the value of PCR10 with its identity key and returns them to the challenger. The challenger verifies the signature with the public part of the attester's identity key and checks that the nonce is the one it sent. The attester then sends the measurement list maintained by IMA. The challenger simulates the PCR extend operation over the measurement list and checks that the result matches PCR10; a match shows that the list has not been tampered with. It then traverses the list to check whether each measurement value is legitimate; if all are, the attester's platform integrity is intact, and the measurement result is returned.

As shown in Figure 3, the RPC remote attestation module comprises an RPC client and an RPC server. The RPC requester initiates a socket connection request to the RPC port of the RPC server. After the server accepts the connection, the requester sends the RPC header together with a nonce n encrypted with the server's public key. The server decrypts n with its private key and returns the value of PCR10, the nonce n and the measurement list to the requester. The requester verifies the received data and determines whether the peer is in a trusted platform state, that is, confirms the integrity of the peer's platform state. In this verification the nonce establishes freshness only; the reported PCR10 value is trustworthy when it is bound to the server's TPM by the identity-key signature described for the IMA-based module above, since a compromised server that merely echoes n could otherwise report any PCR10 value.
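The challenger-side checks of Figures 2 and 3 (nonce, identity-key signature, PCR10 replay and the measurement allow-list), as an added example that is not code from the patent. It reads lines in the layout of /sys/kernel/security/ima/ascii_runtime_measurements with the ima-ng template; the paths, digests and the HMAC stand-in for the identity-key (AIK) signature are constructed for the illustration, and the template hashes are placeholders (the kernel derives them from the template fields; the replay only needs the value that was actually extended into the PCR).

```python
"""Challenger-side verification of an IMA-based attestation response.

Added illustration, not code from the patent. It models the checks of
Figures 2 and 3: the nonce is the one sent, PCR10 is bound to this attester
by the identity-key signature, the measurement list replays to PCR10, and
every measured file is on the allow-list. Sample data below is constructed.
"""
import hashlib
import hmac
from dataclasses import dataclass

PCR_INIT = b"\x00" * 20                                   # SHA-1 bank PCRs start at zero
AIK_STANDIN_KEY = b"constructed stand-in for the AIK, not a TPM key"


@dataclass(frozen=True)
class Measurement:
    pcr: int
    template_hash: bytes      # the 20-byte value the kernel extended into the PCR
    file_hash: str            # "sha256:<hex>" digest of the measured file
    path: str


def extend(pcr: bytes, value: bytes) -> bytes:
    """TPM PCR extend in the SHA-1 bank: new = SHA1(old || value)."""
    return hashlib.sha1(pcr + value).digest()


def replay_pcr10(entries) -> bytes:
    """The 'simulated PCR extension' of Figure 2 over the whole list."""
    pcr = PCR_INIT
    for m in entries:
        if m.pcr == 10:
            pcr = extend(pcr, m.template_hash)
    return pcr


def parse_measurement_list(text: str) -> list:
    """Parse lines shaped like ascii_runtime_measurements with the ima-ng
    template: '<pcr> <template-hash> ima-ng <algo:hash> <path>'."""
    entries = []
    for line in text.strip().splitlines():
        pcr, th, _template, fh, path = line.split(maxsplit=4)
        entries.append(Measurement(int(pcr), bytes.fromhex(th), fh, path))
    return entries


def standin_sign(data: bytes) -> bytes:
    """Stand-in for the TPM quote signature made with the identity key (AIK)."""
    return hmac.new(AIK_STANDIN_KEY, data, hashlib.sha256).digest()


def verify_response(sent_nonce: bytes, nonce: bytes, pcr10: bytes, sig: bytes,
                    measurement_list: str, allowlist: dict) -> tuple:
    """Return (trusted, problems). Every check runs so the log lists all failures."""
    problems = []
    # The signature binds PCR10 to this TPM and this nonce (Figure 2). Without it
    # (Figure 3 as described) a compromised server could report any PCR10 value.
    if not hmac.compare_digest(standin_sign(nonce + pcr10), sig):
        problems.append("signature invalid: PCR10 not bound to the attester")
    if not hmac.compare_digest(nonce, sent_nonce):
        problems.append("nonce mismatch: stale or replayed response")
    entries = parse_measurement_list(measurement_list)
    if not hmac.compare_digest(replay_pcr10(entries), pcr10):
        problems.append("measurement list does not replay to the reported PCR10")
    for m in entries:  # a list that replays correctly may still contain an unknown binary
        if allowlist.get(m.path) != m.file_hash:
            problems.append(f"unexpected measurement: {m.path} {m.file_hash}")
    return not problems, problems


def attester_response(nonce: bytes, measurement_list: str) -> tuple:
    """What the attester (RPC server in Figure 3) returns: PCR10, signature, list.
    Here PCR10 is derived from the list; on real hardware it is read from the TPM."""
    pcr10 = replay_pcr10(parse_measurement_list(measurement_list))
    return pcr10, standin_sign(nonce + pcr10), measurement_list


# --- constructed sample data -------------------------------------------------
def constructed_line(path: str, sha256_hex: str) -> str:
    # Placeholder template hash; the kernel hashes the template fields instead.
    th = hashlib.sha1(f"sha256:{sha256_hex} {path}".encode()).hexdigest()
    return f"10 {th} ima-ng sha256:{sha256_hex} {path}"


ALLOWLIST = {                                   # known-good digests (constructed)
    "/usr/bin/java": "sha256:" + "11" * 32,
    "/opt/hadoop/libexec/hadoop-config.sh": "sha256:" + "22" * 32,
    "/etc/hadoop/hdfs-site.xml": "sha256:" + "33" * 32,
}
GOOD_LIST = "\n".join(constructed_line(p, h[len("sha256:"):]) for p, h in ALLOWLIST.items())
EVIL_LINE = constructed_line("/tmp/.exfil", "ee" * 32)   # an unlisted binary that ran

if __name__ == "__main__":
    nonce = b"\x01" * 20
    pcr10, sig, lst = attester_response(nonce, GOOD_LIST)
    print(verify_response(nonce, nonce, pcr10, sig, lst, ALLOWLIST))
    # The attester ran /tmp/.exfil, so its PCR10 covers that entry; hiding the
    # line from the list no longer replays to the signed PCR10 value.
    pcr10, sig, _ = attester_response(nonce, GOOD_LIST + "\n" + EVIL_LINE)
    print(verify_response(nonce, nonce, pcr10, sig, GOOD_LIST, ALLOWLIST))
```

Two failure modes are worth separating in the log: an honestly reported list that replays correctly but contains an unknown digest (the node ran something off the allow-list), and a list that was edited to hide an entry, which the signed PCR10 exposes because the replay no longer matches. The allow-list check also rejects a known path whose digest changed, which is how a modified hdfs-site.xml or hadoop-config.sh would show up.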

As shown in Figure 4, socket connection remote attestation comprises the following steps. First, a user process issues the socket connect system call, passing the connection address as a parameter. The system call then checks whether the address is in the trusted address list. If it is not, it checks whether the trusted agent process has started; if so, it sends the connection address to the trusted agent process, otherwise it returns an error directly. The trusted address list contains eleven local addresses, including INADDR_ANY and INADDR_LOCALHOST, plus the IP addresses of the other machines in the cluster that the node interacts with. The connection address is sent to the trusted agent over Netlink, the kernel/user-space messaging mechanism. tPid denotes the process ID of the trusted agent process; it is initialized to -1 at system start and set to the agent's process ID once the agent starts. ERR denotes the error value returned by the system call. Because the check sits inside connect(), a node on which the trusted agent is not running fails closed: every connection to an address outside the trusted list is refused.
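The decision logic of the connect() gate in Figure 4, modelled in user space as an added example (not the patent's kernel code). The page names INADDR_ANY and INADDR_LOCALHOST among eleven trusted local addresses without listing them, so here "local" is taken to be 0.0.0.0 and 127.0.0.0/8 (an assumption); the cluster peers are passed in, and the Netlink hand-off to the trusted agent is replaced by a callable standing for the agent's remote attestation of the target.

```python
"""The connect() gate of Figure 4, modelled in user space.

Added illustration, not the patent's kernel code. Trusted local addresses
are assumed to be 0.0.0.0 (INADDR_ANY) and 127.0.0.0/8; cluster peers are
passed in; the Netlink message to the trusted agent becomes a callable.
"""
import ipaddress
from enum import Enum
from typing import Callable, Iterable, List, Tuple


class Verdict(Enum):
    ALLOW = "connect proceeds"
    ERR = "connect fails"          # the ERR return value of the system call


class ConnectGate:
    def __init__(self, cluster_nodes: Iterable[str], agent_attest: Callable[[str], bool]):
        self.local_nets = [ipaddress.ip_network("0.0.0.0/32"),      # INADDR_ANY
                           ipaddress.ip_network("127.0.0.0/8")]     # loopback
        self.cluster = {ipaddress.ip_address(a) for a in cluster_nodes}
        self.tPid = -1                 # trusted agent PID; -1 until the agent registers
        self.agent_attest = agent_attest
        self.agent_log: List[Tuple[int, str]] = []   # addresses handed to the agent

    def register_agent(self, pid: int) -> None:
        self.tPid = pid

    def is_trusted(self, addr: str) -> bool:
        ip = ipaddress.ip_address(addr)
        return ip in self.cluster or any(ip in net for net in self.local_nets)

    def connect(self, addr: str) -> Tuple[Verdict, str]:
        if self.is_trusted(addr):
            return Verdict.ALLOW, "trusted address"
        if self.tPid == -1:            # no agent: fail closed rather than open
            return Verdict.ERR, "untrusted address and no trusted agent running"
        self.agent_log.append((self.tPid, addr))   # the Netlink message in the design
        if self.agent_attest(addr):    # agent runs the remote attestation of Figure 2
            return Verdict.ALLOW, "remote attestation passed"
        return Verdict.ERR, "remote attestation failed"


if __name__ == "__main__":
    # Constructed: only 203.0.113.7 passes the agent's attestation.
    gate = ConnectGate(["10.0.0.11", "10.0.0.12"], agent_attest=lambda a: a == "203.0.113.7")
    print(gate.connect("127.0.0.1"), gate.connect("198.51.100.9"))
    gate.register_agent(4242)
    print(gate.connect("203.0.113.7"), gate.connect("198.51.100.9"))
```

The fail-closed branch is the point of putting the check in the system call: an intruder who kills the agent on a compromised datanode does not regain outbound connectivity, the node simply loses every destination outside the cluster. The trade-off is operational, since a legitimate node whose agent has not started yet cannot reach anything outside the trusted list either.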

As shown in Figure 5, the data sealing module comprises the following steps. Remote attestation is carried out first. If it succeeds, an AES key is generated and sealed to the designated platform configuration register (PCR), and the sealed data is exported to disk. If remote attestation fails, the data is encrypted with the key and the key is discarded once encryption completes, so that only the sealed copy of the key remains and the data can be recovered only on a platform whose PCR again holds the trusted value.
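The sealing module of Figure 5 modelled in software, as an added example that is not the patent's code. A real node seals the key with the TPM, bound to the PCR values; here SRK_STANDIN is a constructed secret standing for the storage root key that never leaves the chip, the wrapping key is derived from the PCR10 value so that unsealing fails when PCR10 differs, and AES is replaced by an HMAC-SHA256 counter keystream so that the block runs with the standard library alone. The PCR values and platform data are constructed.

```python
"""The data-sealing module of Figure 5, modelled in software.

Added illustration, not the patent's code. SRK_STANDIN stands for the TPM's
storage root key; the key is wrapped under a KEK derived from PCR10, so it
can be unsealed only when PCR10 holds the sealing-time value. The HMAC
counter keystream is a stand-in for AES, not a recommended cipher.
"""
import hashlib
import hmac
import os
from typing import Optional

SRK_STANDIN = b"constructed storage root key, held inside the 'TPM'"


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for AES-CTR: keystream block i = HMAC(key, nonce || i)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def encrypt(key: bytes, data: bytes) -> bytes:
    nonce = os.urandom(16)                     # fresh per message; never reuse with a key
    return nonce + _keystream_xor(key, nonce, data)


def decrypt(key: bytes, blob: bytes) -> bytes:
    return _keystream_xor(key, blob[:16], blob[16:])


def seal(key: bytes, pcr10: bytes) -> bytes:
    """Bind a 32-byte key to a PCR value: wrap under KEK = HMAC(SRK, pcr10) and tag it."""
    kek = hmac.new(SRK_STANDIN, pcr10, hashlib.sha256).digest()
    wrapped = bytes(a ^ b for a, b in zip(key, kek))
    tag = hmac.new(kek, wrapped, hashlib.sha256).digest()
    return wrapped + tag


def unseal(blob: bytes, current_pcr10: bytes) -> Optional[bytes]:
    """Release the key only if the current PCR10 equals the sealing-time value."""
    kek = hmac.new(SRK_STANDIN, current_pcr10, hashlib.sha256).digest()
    wrapped, tag = blob[:32], blob[32:]
    if not hmac.compare_digest(hmac.new(kek, wrapped, hashlib.sha256).digest(), tag):
        return None                            # the TPM refuses: platform state changed
    return bytes(a ^ b for a, b in zip(wrapped, kek))


class SealingModule:
    def __init__(self, trusted_pcr10: bytes):
        # Success path of Figure 5: generate the AES key, seal it to the trusted
        # PCR10 value, and export the sealed blob to disk.
        self.key: Optional[bytes] = os.urandom(32)
        self.sealed_key = seal(self.key, trusted_pcr10)

    def on_attestation(self, passed: bool, platform_data: bytes) -> Optional[bytes]:
        """Failure path: encrypt the data, then drop the plaintext key so only the
        sealed copy remains. Returns the ciphertext, or None when nothing was sealed."""
        if passed or self.key is None:
            return None
        ciphertext = encrypt(self.key, platform_data)
        self.key = None
        return ciphertext


if __name__ == "__main__":
    good, bad = b"\x0a" * 20, b"\x0b" * 20      # constructed PCR10 values
    node = SealingModule(good)
    ct = node.on_attestation(False, b"fsimage and edits of the namenode")
    print(unseal(node.sealed_key, bad))        # None: still compromised
    print(decrypt(unseal(node.sealed_key, good), ct))
```

Sealing the key in advance, while the platform is still trusted, is what makes the failure path work: by the time attestation fails the node can no longer be trusted to seal anything, so it only encrypts and forgets. A production version would also authenticate the ciphertext (for example AES-GCM) and would seal to the PCRs that the remote attestation actually checks, otherwise a recovered platform could unseal data that was written under a different measurement.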

Claims (3)

1. A trusted distributed file system based on HDFS, comprising a remote attestation module and a data sealing module, characterized in that
the remote attestation module comprises:
a remote procedure call remote attestation module, which verifies platform integrity when entity nodes communicate and interact;
a remote attestation module based on the Integrity Measurement Architecture (IMA), which performs remote attestation of platform state between entity nodes and verifies platform integrity; the remote procedure call remote attestation module specifically implements the following process: first, the remote procedure call requester initiates a socket connection request to the remote procedure call port of the remote procedure call server; after the server accepts the connection, the requester sends the remote procedure call header and a nonce n encrypted with the server's public key; after the server decrypts the nonce n with its private key, it returns the value of platform configuration register PCR10, the nonce n and the measurement list to the requester; after verifying the received data, the requester determines whether the other party is in a trusted platform state, that is, confirms the integrity of the other party's platform state;
a socket connection remote attestation module, which verifies platform integrity when an entity node makes a socket connection system call to an untrusted address;
the data sealing module seals the platform data after an entity node fails remote attestation;
the remote attestation module based on IMA specifically implements the following process: the challenger first sends a nonce to the attester; the attester signs the nonce and the value of platform configuration register PCR10 with its identity key and returns them to the challenger; the challenger verifies the data with the public part of the attester's identity key and checks whether the nonce is correct; the attester then sends the measurement list maintained by the integrity measurement architecture; the challenger verifies whether the value of PCR10 is consistent by simulating the PCR extend operation over the measurement list; if it is consistent, the measurement list has not been tampered with, and the challenger traverses the measurement list to check whether each measurement value is legitimate; if all are legitimate, the attester's platform integrity has not been compromised, and the measurement result is returned; the socket connection remote attestation module specifically implements the following process: a user process first issues the socket connection system call connect with the connection address as parameter; the system call then checks whether the connection address is in the trusted address list; if not, it checks whether the trusted agent process has started; if it has, the connection address is sent to the trusted agent process, otherwise an error is returned directly;
the data sealing module specifically implements the following process: remote attestation is carried out first; if remote attestation succeeds, an AES key is generated and sealed with the designated platform configuration register PCR, and the sealed data is exported to disk; if remote attestation fails, the data is encrypted with the key, and the key is discarded after encryption completes.
2. The trusted distributed file system based on HDFS according to claim 1, characterized in that the platform state remote attestation is based on the static measurement result of the IMA integrity measurement framework.
3. The trusted distributed file system based on HDFS according to claim 1, characterized in that the remote attestation module and the data sealing module can effectively defend against advanced persistent threats (APT).

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410281244.1A CN104092733B (en) 2014-06-20 2014-06-20 A kind of credible distributed file system based on HDFS


Publications (2)

Publication Number Publication Date
CN104092733A CN104092733A (en) 2014-10-08
CN104092733B true CN104092733B (en) 2018-09-14

Family

ID=51640413

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410281244.1A Active CN104092733B (en) 2014-06-20 2014-06-20 A kind of credible distributed file system based on HDFS

Country Status (1)

Country Link
CN (1) CN104092733B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106656915A (en) * 2015-10-30 2017-05-10 深圳市中电智慧信息安全技术有限公司 Cloud security server based on trusted computing
CN106650459B (en) * 2016-11-11 2018-05-01 大唐高鸿信安(浙江)信息科技有限公司 Safeguard the believable system and method for distributed memory system data
CN108763397B (en) * 2018-05-22 2022-07-08 中国科学技术大学苏州研究院 A data placement method for a distributed file system supporting deep learning
US11469890B2 (en) * 2020-02-06 2022-10-11 Google Llc Derived keys for connectionless network protocols

Citations (1)

Publication number Priority date Publication date Assignee Title
CN101477602A (en) * 2009-02-10 2009-07-08 浪潮电子信息产业股份有限公司 Remote proving method in trusted computation environment

Family Cites Families (2)

Publication number Priority date Publication date Assignee Title
CN100581107C (en) * 2008-11-04 2010-01-13 西安西电捷通无线网络通信有限公司 A Trusted Platform Verification Method Based on Ternary Peer Authentication (TePA)
US8601265B2 (en) * 2010-11-22 2013-12-03 Netapp, Inc. Method and system for improving storage security in a cloud computing environment

Non-Patent Citations (2)

Title
Reiner Sailer et al. Design and Implementation of a TCG-Based Integrity Measurement Architecture. Proceedings of the 13th USENIX Security Symposium, 2004-08-13, pp. 223-238. *
Jason C. Cohen et al. Incorporating Hardware Trust Mechanisms in Apache Hadoop. Globecom Workshops (GC Wkshps), 2012 IEEE, 2012-12-07, pp. 771-772. *

Also Published As

Publication number Publication date
CN104092733A (en) 2014-10-08

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant