2025-02-27 Update From: SLTechnology News&Howtos
Shulou (Shulou.com) 06/03 Report
Whether a virtual machine runs inside the enterprise or is hosted at an IDC or a cloud service provider, how can you be sure that the environment it runs in is secure, and that the virtual machine itself (the data in its disk file, and the console screen you see) is secure? That is the topic of this article.
For example, for a virtual machine you are running, the administrator can see and operate your system through the virtualization platform's console: shut it down, power it on, restart it and so on. Secondly, if an administrator with ulterior motives, or an outright criminal, obtains the virtual disk file of your virtual machine and copies it to their own computer, the data inside is exposed at a glance. More seriously, if someone gets hold of the virtual disk of your AD domain controller VM, decrypts the domain's user database and obtains the login information and passwords of the enterprise's users, the consequences are quite serious.
Thirdly, if someone copies the virtual disk of the virtual machine, imports it into a competitor's virtualization environment and runs it there, do they not end up with a clone of the virtual machine's business results?
Of course, I am only listing possible risks and cases in order to discuss how to ensure that a virtual machine is secure and that the environment it runs in can be trusted.
To address these pain points, Windows Server 2016 introduced a feature called shielded virtual machines, which gives VMs a more secure operating environment by running them on a guarded fabric (a Hyper-V host environment). A guarded fabric consists of three main parts:
A Host Guardian Service (HGS), usually a three-node cluster
One or more guarded hosts
A set of shielded virtual machines (VMs)
Windows Server 2016 supports shielding only Windows guest VMs; Windows Server 2019 adds support for shielding Linux guests as well.
The shielded virtual machine then runs inside a guarded fabric environment with the following topology:
The attestation mode can be one of two: TPM mode or host key mode.
Four security mechanisms are used: TPM (and vTPM), a signing certificate, an encryption certificate, and BitLocker.
For a guarded host, trust and security are measured on three points: the host's system characteristics (its TPM identity), the hardware boot baseline, and the currently running environment as expressed by a code integrity policy.
For a shielded virtual machine, security is judged on four points: whether the template disk is encrypted, the volume signature catalog, the shielding data file (PDK; guardian certificate: signing and encryption; shielding data owner: signing and encryption), and vTPM.
The working relationship between the parts of a shielded virtual machine is as follows:
The working relationship between shielded virtual machines and guarded Hyper-V hosts is as follows:
Request to start shielded VM VM01
Before a guarded host can start a shielded VM, it must first prove that it is trustworthy. To do so, it must present a certificate of health (attestation certificate) to the Key Protection Service (KPS). That certificate is obtained through the attestation process.
The host requests attestation
The guarded host requests attestation. The attestation mode is determined by the configuration of the HGS cluster:
TPM-trusted attestation: the Hyper-V host sends the following information:
TPM identity (the endorsement key)
Measurements of the most recent boot sequence (the TCG log)
The code integrity (CI) policy applied on the host
Note: a guarded Hyper-V host is re-attested every 8 hours after startup, and an attestation request is also triggered if, for whatever reason, the guarded host has no valid attestation certificate when a shielded VM attempts to start.
Host key attestation: the Hyper-V host sends the public half of its host key pair. HGS verifies that the host key is registered.
Admin-trusted attestation: the Hyper-V host sends a Kerberos ticket that identifies the security group the host belongs to. HGS verifies that the host belongs to a security group previously configured by a trusted HGS administrator. (This mode has been discontinued in Windows Server 2019.)
Attestation succeeds (or fails)
Checks required to attest the host as trusted:
With TPM-trusted attestation, the host's TPM identity, measured boot and code integrity policy are verified.
With host key attestation, only the registration of the host key is verified.
Attestation certificate sent to the host
If attestation succeeds, a certificate of health is sent to the host, and the host is considered guarded (authorized to run shielded VMs). The host uses this certificate to authorize itself to the Key Protection Service, which then securely releases the keys needed to work with the shielded virtual machine.
Host requests the VM key
The guarded host does not hold the key needed to start the shielded VM (VM01 in this case). To obtain the necessary keys, the guarded host must present the following to KPS:
Its current certificate of health
The encrypted key material (the key protector, KP) that contains the key needed to start VM01. This material is encrypted with keys that only KPS knows.
Release key
KPS examines the certificate of health to determine its validity. The certificate must not have expired, and KPS must trust the attestation service that issued it.
Return the key to the host
If the certificate of health is valid, KPS attempts to decrypt the key protector and securely returns the key needed to start the VM. Note that the returned key is encrypted to the virtualization-based security (VBS) environment of the guarded host.
Host starts VM01
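The start-up flow just described can be followed end to end in a small model. The block below is an added example and is not Microsoft's code or part of the original article: the TPM, the HGS signing and encryption certificates and the real key wrapping are replaced by standard-library stand-ins (an HMAC-tagged JSON record stands in for the certificate of health, a SHA-256 counter-mode keystream stands in for the certificate-based wrapping, and the boot log, policy hash and host identities are constructed sample data). What it does preserve is the decision logic: attestation checks the endorsement key registration, replays the TCG log against the baseline and checks the CI policy; KPS checks the certificate's issuer and expiry before unwrapping the key protector and re-wrapping the VM key to the host's VBS key; the host re-attests once the 8-hour certificate has lapsed; and a copied disk plus key protector yields nothing without HGS, which is the point the article makes later about needing the host, the guardian and the VM file together.

```python
"""Model of the guarded-fabric start-up flow: attestation, key release, VM start.
Not Microsoft's code; TPM, HGS certificates and key wrapping are stand-ins."""
import hashlib
import hmac
import json
import os


def pcr_extend(log_events):
    """Replay a TCG-style boot event log into one PCR-like digest (SHA-256 extend chain).
    Order matters, exactly as it does for a real TPM PCR."""
    pcr = b"\x00" * 32
    for event in log_events:
        pcr = hashlib.sha256(pcr + hashlib.sha256(event.encode()).digest()).digest()
    return pcr.hex()


def _keystream_xor(key, nonce, data):
    """Stand-in for certificate-based key wrapping: SHA-256 counter-mode keystream XOR."""
    out, counter = b"", 0
    while len(out) < len(data):
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, out))


def wrap(key, secret):
    nonce = os.urandom(16)
    return nonce + _keystream_xor(key, nonce, secret)


def unwrap(key, blob):
    return _keystream_xor(key, blob[:16], blob[16:])


class HostGuardianService:
    """HGS in both of its roles: Attestation Service and Key Protection Service (KPS)."""

    def __init__(self, registered_eks, baseline_pcr, approved_ci_hashes, cert_lifetime=8 * 3600):
        self.attestation_key = os.urandom(32)   # stand-in for the HGS signing certificate
        self.kps_key = os.urandom(32)           # stand-in for the HGS encryption certificate
        self.registered_eks = set(registered_eks)
        self.baseline_pcr = baseline_pcr
        self.approved_ci = set(approved_ci_hashes)
        self.cert_lifetime = cert_lifetime      # hosts re-attest every 8 hours

    def attest(self, ek, tcg_log, ci_hash, now):
        """TPM-trusted attestation: EK identity, measured-boot replay, CI policy."""
        if ek not in self.registered_eks:
            return None, "EK not registered"
        if pcr_extend(tcg_log) != self.baseline_pcr:
            return None, "boot measurements differ from baseline"
        if ci_hash not in self.approved_ci:
            return None, "code integrity policy not approved"
        body = json.dumps({"ek": ek, "exp": now + self.cert_lifetime}, sort_keys=True).encode()
        tag = hmac.new(self.attestation_key, body, "sha256").hexdigest()
        return {"body": body, "tag": tag}, "ok"   # the certificate of health

    def make_key_protector(self, vm_key):
        """Key protector stored with the VM: its key wrapped to KPS, useless on its own."""
        return wrap(self.kps_key, vm_key)

    def release_key(self, cert, key_protector, host_transport_key, now):
        """KPS: check the certificate, unwrap the VM key, re-wrap it to the host's VBS key."""
        expected = hmac.new(self.attestation_key, cert["body"], "sha256").hexdigest()
        if not hmac.compare_digest(expected, cert["tag"]):
            return None, "attestation certificate not issued by a trusted attestation service"
        if json.loads(cert["body"])["exp"] <= now:
            return None, "attestation certificate expired"
        return wrap(host_transport_key, unwrap(self.kps_key, key_protector)), "ok"


class GuardedHost:
    def __init__(self, ek, tcg_log, ci_hash):
        self.ek, self.tcg_log, self.ci_hash = ek, tcg_log, ci_hash
        self.transport_key = os.urandom(32)     # stand-in for the host's VBS-protected key
        self.cert = None

    def start_vm(self, hgs, key_protector, now):
        """Attest if no valid certificate is held, request the key, unwrap it."""
        if self.cert is None or json.loads(self.cert["body"])["exp"] <= now:
            self.cert, reason = hgs.attest(self.ek, self.tcg_log, self.ci_hash, now)
            if self.cert is None:
                return None, "attestation failed: " + reason
        blob, reason = hgs.release_key(self.cert, key_protector, self.transport_key, now)
        if blob is None:
            return None, "key release failed: " + reason
        return unwrap(self.transport_key, blob), "ok"


# Constructed sample data: a clean boot log, its baseline, and an approved CI policy hash.
GOOD_BOOT = ["UEFI firmware", "Secure Boot: on", "bootmgfw.efi", "winload.efi", "hvix64.exe"]
BASELINE_PCR = pcr_extend(GOOD_BOOT)
CI_POLICY = hashlib.sha256(b"HW01 code integrity policy v1").hexdigest()


def run_scenarios():
    hgs = HostGuardianService({"ek-host01"}, BASELINE_PCR, {CI_POLICY})
    vm_key = os.urandom(32)                     # VM01's root secret (constructed)
    kp = hgs.make_key_protector(vm_key)
    now, results = 1_000_000, {}
    good = GuardedHost("ek-host01", GOOD_BOOT, CI_POLICY)
    key, status = good.start_vm(hgs, kp, now)
    results["trusted host"] = (key == vm_key, status)
    tampered = GuardedHost("ek-host01", GOOD_BOOT + ["unsigned-driver.sys"], CI_POLICY)
    results["tampered boot"] = tampered.start_vm(hgs, kp, now)[1]
    rogue = GuardedHost("ek-attacker", GOOD_BOOT, CI_POLICY)
    results["unregistered host"] = rogue.start_vm(hgs, kp, now)[1]
    later = now + 9 * 3600                      # past the 8-hour certificate lifetime
    results["expired certificate"] = hgs.release_key(good.cert, kp, good.transport_key, later)[1]
    results["re-attested"] = good.start_vm(hgs, kp, later)[0] == vm_key
    # Copied VHDX plus key protector but no HGS: nothing else unwraps the key protector.
    results["copied disk offline"] = unwrap(os.urandom(32), kp) != vm_key
    return results
```

Running `run_scenarios()` shows the trusted host starting VM01, a host whose boot log contains an extra unsigned driver being refused at attestation, an unregistered endorsement key being refused, an expired certificate of health being rejected by KPS until the host attests again, and the key protector being undecryptable without the KPS key. A real deployment adds what this model omits: the TPM signs the attestation request with an attestation identity key, the certificate of health is an X.509 certificate, and the key protector is wrapped to the guardians' encryption certificates rather than a symmetric key.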
So how many steps does it take to deploy such a guarded fabric? The following figure lists the key steps:
Deployment of a guarded Hyper-V environment and of shielded virtual machines can be managed through PowerShell, or through SCVMM or Windows Azure Pack.
The process itself is not complicated, but the points to watch and the knowledge involved are fairly complex.
In a nutshell, here is my summary of how virtual machine security is achieved and what it delivers:
Build an independent guardian domain (the guardian) with a signing certificate and an encryption certificate.
A scan of a Hyper-V host's hardware and system environment that is judged compliant is stored as a baseline in another independent domain, where it serves as the baseline check; a TPM can act as the security chip here.
The virtual machine's disk can be encrypted with a certificate and BitLocker, or additionally hardened with vTPM, and the virtual disk can be bound to a unique certificate signature, which is also used as a baseline check in the independent domain.
Set the virtual machine's owner and guardian domain (the guardian) for targeted verification.
Every start of the virtual machine is checked against the baseline in every dimension; if any one check is missing, the start fails.
The virtual machine's disk is likewise fully encrypted with no blind spots, so its contents cannot be obtained by copying it over the network, transferring it, or copying it elsewhere.
The shielded virtual machine also stays fully encrypted while being moved or migrated between guarded Hyper-V hosts.
For a malicious person to obtain the data in a virtual machine, they would need three large pieces at once: the guarded Hyper-V host, the guardian domain (the guardian), and the virtual machine file. Getting all of that just to read the contents of the VHDX is not realistic.
I think this feature also addresses the following business-scenario requirements:
For a domain-joined virtual machine (a domain member server), shielding adds security hardening from the outside, but access from the inside via the domain administrator account still needs various constraints and other technical measures as supporting security.
If the virtual machine is hosted on the enterprise virtualization platform without being domain-joined, the business staff manage the virtual machine directly: from the outside, it ensures that malicious IT administrators cannot steal or snoop on data; from the inside, the direct users can use and manage their own systems with confidence.
How to implement this is the core of the following three chapters:
Finally, I would like to thank Wang Ze and Gao Yi for their introduction to this feature, which led me to research and practise it in more depth so that I could share such a good technology and capability with you.