In the cloud environment, the virtual computing node has become the dominant form of cloud service used by users. Hence, it is increasingly critical to guarantee the trusted operation of the virtual computing node's operating system (VCNOS). However, previous schemes have several shortcomings: they give insufficient consideration to the comprehensiveness of the measured objects, ignore the dynamic nature of trust, and rarely consider the security of the trusted measurement mechanism itself. Thus, a three-dimensional dynamic trusted measurement model, SABDTM, is proposed, which integrates the integrity measurement of kernel static data, the trusted evaluation of operating system behavior (OSB), and the feedback trust of interacting nodes. First, SABDTM divides OSB into multiple atomic behaviors and introduces Bayesian decision theory to predict the trusted expectations of OSBs. Second, the feedback trust of interacting nodes is considered to improve the comprehensiveness of the trusted measurement, and its value is evaluated based on the Euclidean distance function to reduce the impact of inaccurate feedback from malicious nodes. Subsequently, we set appropriate weights for the trusted measurement values of different moments based on Induced Ordered Weighted Averaging to accurately portray the actual state of the VCNOS. Moreover, we design a lightweight and independent subsystem to perform the trusted measurement, which guarantees the security of the measurement service. The security of our model is proved rigorously based on non-interference theory. Finally, experiments and comparative analysis demonstrate the better functionality and superiority of our model.