Trusted connection system based on virtual machine architecture

With the rapid development of virtualization technology, virtual machine (VM) is widely used by cloud computing - the more and more popular computing paradigm. Thus, in order to guarantee the security of cloud computing, it is necessary to securely identify the kernel of VM, the software stack running on VM and the hardware platform which VM relies on. This paper designs a system of trusted connection based on virtual machine architecture and implements a system prototype. Our system not only can securely measure and identify the kernel of VM, the software stack running on VM and the hardware platform which VM relies on, but also can realize isolations to untrusted VMs. There are three main parts in our system: trusted chain, attestation and isolation. The experiments described in this paper prove that our system ensures trusted connection of VMs and achieves isolations to untrusted VMs. The performance of our system is also analyzed and evaluated. According to the analysis results, our system is practical in terms of performance.