with the increasing popularity of cloud services,attacks on the cloud infrastructure also increase dramatically.Especially,how to monitor the integrity of cloud execution environments is still a difficult task.In this...with the increasing popularity of cloud services,attacks on the cloud infrastructure also increase dramatically.Especially,how to monitor the integrity of cloud execution environments is still a difficult task.In this paper,a real-time dynamic integrity validation(DIV) framework is proposed to monitor the integrity of virtual machine based execution environments in the cloud.DIV can detect the integrity of the whole architecture stack from the cloud servers up to the VM OS by extending the current trusted chain into virtual machine's architecture stack.DIV introduces a trusted third party(TTP) to collect the integrity information and detect remotely the integrity violations on VMs periodically to avoid the heavy involvement of cloud tenants and unnecessary information leakage of the cloud providers.To evaluate the effectiveness and efficiency of DIV framework,a prototype on KVM/QEMU is implemented,and extensive analysis and experimental evaluation are performed.Experimental results show that the DIV can efficiently validate the integrity of files and loaded programs in real-time,with minor performance overhead.展开更多
Based on the theory of polymorphic virtual S-box, the paper presents a symmetric key exchange protocol to solve the problem of session keys delete shared in the computational complexity temporary trading scenario. Bot...Based on the theory of polymorphic virtual S-box, the paper presents a symmetric key exchange protocol to solve the problem of session keys delete shared in the computational complexity temporary trading scenario. Both parties jointly construct a highly nonlinear SPN core algorithm. The paper the connotation of polymorphic cipher theory, making use of the method of self-compiler based expansion factor to collect random parameter sets held by each of the parties containing its own information 5-tuple private keys array Kpa[5] and Kpb[5].The more efficient polymorphism virtual S-box is constructed. The method of secret split for the public key cryptography features can be implemented by symmetry cipher system. The research results will provide a theoretical basis to solve the key exchange problems for short- term communications partner based on symmetric cryptography.展开更多
基金Supported by the National Natural Science Foundation of China under Grant No. 61370068
文摘with the increasing popularity of cloud services,attacks on the cloud infrastructure also increase dramatically.Especially,how to monitor the integrity of cloud execution environments is still a difficult task.In this paper,a real-time dynamic integrity validation(DIV) framework is proposed to monitor the integrity of virtual machine based execution environments in the cloud.DIV can detect the integrity of the whole architecture stack from the cloud servers up to the VM OS by extending the current trusted chain into virtual machine's architecture stack.DIV introduces a trusted third party(TTP) to collect the integrity information and detect remotely the integrity violations on VMs periodically to avoid the heavy involvement of cloud tenants and unnecessary information leakage of the cloud providers.To evaluate the effectiveness and efficiency of DIV framework,a prototype on KVM/QEMU is implemented,and extensive analysis and experimental evaluation are performed.Experimental results show that the DIV can efficiently validate the integrity of files and loaded programs in real-time,with minor performance overhead.
基金the National Natural Science Foundation of China under Grant No.61272038 and No.61340059,Zhengzhou Academician Workstation Funded Projects,the Education Department of Henan Province Science and Technology Research Project,Key Project of Science and Technology Research,the Doctor Fund of Zhengzhou University of Light Industry
文摘Based on the theory of polymorphic virtual S-box, the paper presents a symmetric key exchange protocol to solve the problem of session keys delete shared in the computational complexity temporary trading scenario. Both parties jointly construct a highly nonlinear SPN core algorithm. The paper the connotation of polymorphic cipher theory, making use of the method of self-compiler based expansion factor to collect random parameter sets held by each of the parties containing its own information 5-tuple private keys array Kpa[5] and Kpb[5].The more efficient polymorphism virtual S-box is constructed. The method of secret split for the public key cryptography features can be implemented by symmetry cipher system. The research results will provide a theoretical basis to solve the key exchange problems for short- term communications partner based on symmetric cryptography.
