如何为用户提供一个可证明、可验证的可信运行环境，是云计算模式面临的重要问题.提出一种动态的用户运行环境可信性验证机制TCEE（trusted cloud execution environment）.通过扩展现有可信链，将可信传递到用户虚拟机内部，并周期性地对用户运行环境的内存和文件系统进行完整性验证.TCEE引入可信第三方TTP（trusted third party），针对用户虚拟机运行环境的可信性进行远程验证和审计，避免了由用户维护可信验证的相关信息和机制，同时也能够避免云平台敏感信息的泄露.实现了基于TCEE的原型系统，对TCEE的有效性和性能代价进行定量测试和评价.实验结果表明，该机制可以有效检测针对内存和文件系统的典型威胁，且对用户运行环境引入的性能代价较小.

Providing a provable and verifiable execution environment for the tenants is a very important problem in the cloud computing mode. This paper proposes a dynamic trustworthiness verification mechanism for the tenants' virtual execution environment, named TCEE (trusted cloud execution environment), which extends the current trusted chain into virtual machine's architecture stack. It cyclically verifies the trustworthiness of the memory and file systems within the virtual execution environments. TCEE introduces a TTP (trusted third party) to perform the verification and audit action against tenants' virtual machines to avoid heavy involvement of end tenants and unnecessary information leakage of the cloud providers. A prove-of-concept prototype is implemented according to TCEE to evaluate the effectiveness and the performance overhead incurred. Experimental results show that TCEE is effective and its performance overhead is minor.

国家自然科学基金（61202081）