Hierarchal Security Architecture of Virtualized Trusted Platform

In view of some new security issues in the computing platform with virtualization technology, this paper proposes the application of the security-oriented virtualized trusted platform (VTP) architecture, whose trusted computing base (TCB) is hierarehal and self-contained with three layer-by-layer facilities from the trust root-hardware TPM/TCM, trusted virtual machine monitor (TVMM) to security manager(SM). Based on opensource project-XEN, it gives a sample design of the virtualized trusted platform for the virtual machine and its application's security with such mechanisms as remote attestation, information flow control, secure migration and privacy protection. Scenario analysis shows that the sample VTP can support different security goals of its applications flexibly.