Guarded fabric and shielded VMs overview

Applies to: Windows Server 2019, Windows Server (Semi-Annual Channel), Windows Server 2016

Overview of the guarded fabric

Virtualization security is a major investment area in Hyper-V. In addition to protecting hosts or other virtual machines from a virtual machine running malicious software, we also need to protect virtual machines from a compromised host. This is a fundamental danger for every virtualization platform today, whether it is Hyper-V, VMware or any other. Quite simply, if a virtual machine gets out of an organization (either maliciously or accidentally), that virtual machine can be run on any other system. Protecting high value assets in your organization, such as domain controllers, sensitive file servers, and HR systems, is a top priority.

To help protect against a compromised virtualization fabric, Windows Server 2016 Hyper-V introduced shielded VMs. A shielded VM is a generation 2 VM (supported on Windows Server 2012 and later) that has a virtual TPM, is encrypted using BitLocker, and can run only on healthy and approved hosts in the fabric. Shielded VMs and a guarded fabric enable cloud service providers or enterprise private cloud administrators to provide a more secure environment for tenant VMs.

A guarded fabric consists of:

  • 1 Host Guardian Service (HGS) (typically, a cluster of 3 nodes)
  • 1 or more guarded hosts
  • A set of shielded virtual machines

The diagram below shows how the Host Guardian Service uses attestation to ensure that only known, valid hosts can start the shielded VMs, and key protection to securely release the keys for shielded VMs.

When a tenant creates shielded VMs that run on a guarded fabric, the Hyper-V hosts and the shielded VMs themselves are protected by the HGS. The HGS provides two distinct services: attestation and key protection. The Attestation service ensures that only trusted Hyper-V hosts can run shielded VMs, while the Key Protection Service provides the keys necessary to power them on and to live migrate them to other guarded hosts.

Figure: Guarded host fabric

Video: Introduction to shielded virtual machines

Attestation modes in the guarded fabric solution

The HGS supports different attestation modes for a guarded fabric:

  • TPM-trusted attestation (hardware-based)
  • Host key attestation (based on asymmetric key pairs)

TPM-trusted attestation is recommended because it offers stronger assurances, as explained in the following table, but it requires that your Hyper-V hosts have TPM 2.0. If you currently do not have TPM 2.0, or any TPM at all, you can use host key attestation. If you decide to move to TPM-trusted attestation when you acquire new hardware, you can switch the attestation mode on the Host Guardian Service with little or no interruption to your fabric.

| Attestation mode you choose for hosts | Host assurances |
| --- | --- |
| TPM-trusted attestation: Offers the strongest possible protections but also requires more configuration steps. Host hardware and firmware must include TPM 2.0 and UEFI 2.3.1 with Secure Boot enabled. | Guarded hosts are approved based on their TPM identity, Measured Boot sequence, and code integrity policies, to ensure they only run approved code. |
| Host key attestation: Intended to support existing host hardware where TPM 2.0 is not available. Requires fewer configuration steps and is compatible with commonplace server hardware. | Guarded hosts are approved based on possession of the key. |

Another mode, Admin-trusted attestation, is deprecated beginning with Windows Server 2019. This mode was based on guarded host membership in a designated Active Directory Domain Services (AD DS) security group. Host key attestation provides similar host identification and is easier to set up.
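The two supported modes differ in what HGS must be told about a host before it can attest. The following PowerShell, added here as an illustration and not taken from the article or from Microsoft's own documentation samples, shows what an HGS administrator registers on an HGS node for each mode and how the mode is switched. The host name HOST01, the file paths and the policy names are placeholders; the commands that run on the Hyper-V host itself are shown as comments so that nothing is typed on the wrong machine.

```powershell
# Added example (not from the original article). Run on an HGS node as an HGS administrator.
# HOST01, all paths and all policy names below are placeholders for this illustration.

# --- Host key attestation (no TPM 2.0 required) ---
# On the Hyper-V host (Windows Server 2019), generate the host key pair and export the public half:
#   Set-HgsClientHostKey
#   Get-HgsClientHostKey -Path 'C:\hgs\HOST01-hostkey.cer'
# On HGS, register the exported public key; possession of the private half is what attestation checks.
Add-HgsAttestationHostKey -Name 'HOST01' -Path 'C:\hgs\HOST01-hostkey.cer'
Set-HgsServer -TrustHostKey

# --- TPM-trusted attestation (TPM 2.0 + UEFI Secure Boot) ---
# On the Hyper-V host, export the three pieces of evidence HGS will later compare against:
#   (Get-PlatformIdentifier -Name 'HOST01').InnerXml | Out-File 'C:\hgs\HOST01-ek.xml' -Encoding UTF8   # TPM endorsement key
#   Get-HgsAttestationBaselinePolicy -Path 'C:\hgs\HOST01-baseline.tcglog'                                # Measured Boot baseline
#   (a code integrity policy built with New-CIPolicy and converted with ConvertFrom-CIPolicy)             # CI policy
# On HGS, register the TPM identity, the boot baseline and the CI policy, then switch the mode.
Add-HgsAttestationTpmHost   -Name 'HOST01'          -Path 'C:\hgs\HOST01-ek.xml'
Add-HgsAttestationTpmPolicy -Name 'Baseline-HOST01' -Path 'C:\hgs\HOST01-baseline.tcglog'
Add-HgsAttestationCIPolicy  -Name 'CI-Hosts-v1'     -Path 'C:\hgs\CI-Hosts-v1.p7b'
Set-HgsServer -TrustTpm

# Confirm the active mode and the registered hosts.
Get-HgsServer
Get-HgsAttestationHostKey
Get-HgsAttestationTpmHost
```

Registering the TPM evidence before calling Set-HgsServer -TrustTpm is what keeps the switch from interrupting the fabric: hosts re-attest on their next attestation cycle and, if their TPM identity, boot baseline and CI policy are already known to HGS, they stay guarded. A host whose evidence is missing will fail attestation and lose the ability to start shielded VMs until it is registered.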

Assurances provided by the Host Guardian Service

HGS, together with the methods for creating shielded VMs, helps provide the following assurances.

| Type of assurance for VMs | Shielded VM assurances, from the Key Protection Service and from the creation methods for shielded VMs |
| --- | --- |
| BitLocker encrypted disks (OS disks and data disks) | Shielded VMs use BitLocker to protect their disks. The BitLocker keys needed to boot the VM and decrypt the disks are protected by the shielded VM's virtual TPM using industry-proven technologies such as secure measured boot. While shielded VMs only automatically encrypt and protect the operating system disk, you can encrypt data drives attached to the shielded VM as well. |
| Deployment of new shielded VMs from "trusted" template disks/images | When deploying new shielded VMs, tenants are able to specify which template disks they trust. Shielded template disks have signatures that are computed at a point in time when their content is deemed trustworthy. The disk signatures are then stored in a signature catalog, which tenants securely provide to the fabric when creating shielded VMs. During provisioning of shielded VMs, the signature of the disk is computed again and compared to the trusted signatures in the catalog. If the signatures match, the shielded VM is deployed. If the signatures do not match, the shielded template disk is deemed untrustworthy and deployment fails. |
| Protection of passwords and other secrets when a shielded VM is created | When creating VMs, it is necessary to ensure that VM secrets, such as the trusted disk signatures, RDP certificates, and the password of the VM's local Administrator account, are not divulged to the fabric. These secrets are stored in an encrypted file called a shielding data file (a .PDK file), which is protected by tenant keys and uploaded to the fabric by the tenant. When a shielded VM is created, the tenant selects the shielding data to use, which securely provides these secrets only to the trusted components within the guarded fabric. |
| Tenant control of where the VM can be started | Shielding data also contains a list of the guarded fabrics on which a particular shielded VM is permitted to run. This is useful, for example, in cases where a shielded VM typically resides in an on-premises private cloud but may need to be migrated to another (public or private) cloud for disaster recovery purposes. The target cloud or fabric must support shielded VMs, and the shielded VM must permit that fabric to run it. |

What is shielding data and why is it necessary?

A shielding data file (also called a provisioning data file or PDK file) is an encrypted file that a tenant or VM owner creates to protect important VM configuration information, such as the administrator password, RDP and other identity-related certificates, domain-join credentials, and so on. A fabric administrator uses the shielding data file when creating a shielded VM, but is unable to view or use the information contained in the file.

Among other things, a shielding data file contains secrets such as:

  • Administrator credentials
  • An answer file (unattend.xml)
  • A security policy that determines whether VMs created using this shielding data are configured as shielded or encryption supported
    • Remember, VMs configured as shielded are protected from fabric admins, whereas encryption supported VMs are not
  • An RDP certificate to secure remote desktop communication with the VM
  • A volume signature catalog that contains a list of trusted, signed template-disk signatures that a new VM is allowed to be created from
  • A Key Protector (or KP) that defines which guarded fabrics a shielded VM is authorized to run on

The shielding data file (PDK file) provides assurances that the VM will be created in the way the tenant intended. For example, when the tenant places an answer file (unattend.xml) in the shielding data file and delivers it to the hosting provider, the hosting provider cannot view or make changes to that answer file. Similarly, the hosting provider cannot substitute a different VHDX when creating the shielded VM, because the shielding data file contains the signatures of the trusted disks that shielded VMs can be created from.
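Each item in the list above maps to an input of the cmdlet that builds the file. The following PowerShell is an added example, not code from the article or from Microsoft's own samples, of how a tenant assembles a shielding data file on a workstation with the Shielded VM Tools feature installed: an owner guardian (the tenant's keys), a guardian for each fabric that may run the VM, the signature catalog of the trusted template disk, the answer file, and the Shielded policy. Guardian names, file paths and the template disk are placeholders; the fabric guardian metadata is assumed to have been exported from HGS by the hosting provider.

```powershell
# Added example (not from the original article). Run on the tenant's workstation, not on the fabric.
# Guardian names, paths and the template disk below are placeholders for this illustration.

# 1. Owner guardian: the tenant's own signing and encryption certificates (self-signed here).
$owner = Get-HgsGuardian -Name 'TenantOwner' -ErrorAction SilentlyContinue
if (-not $owner) {
    $owner = New-HgsGuardian -Name 'TenantOwner' -GenerateCertificates
}

# 2. Fabric guardian: the HGS key-protection metadata the hosting provider exported and handed over.
#    Listing a guardian here is what authorises that fabric (and only that fabric) to run the VM.
$fabric = Import-HgsGuardian -Path 'C:\pdk\HgsGuardian-Fabric1.xml' -Name 'Fabric1' -AllowUntrustedRoot

# 3. Trusted template disk: record the signature of the template VHDX the fabric admin signed
#    with Protect-TemplateDisk. Provisioning recomputes the disk signature and compares it to this catalog;
#    a substituted VHDX will not match and deployment fails.
Save-VolumeSignatureCatalog -TemplateDiskPath 'C:\pdk\WS2019-Template.vhdx' `
                            -VolumeSignatureCatalogPath 'C:\pdk\WS2019-Template.vsc'
$vsc = New-VolumeIDQualifier -VolumeSignatureCatalogFilePath 'C:\pdk\WS2019-Template.vsc' -VersionRule Equals

# 4. Build the encrypted shielding data file. unattend.xml carries the local Administrator password
#    and domain-join settings; -Policy Shielded (rather than EncryptionSupported) means the fabric admin
#    cannot later relax the VM's protections.
New-ShieldingDataFile -ShieldingDataFilePath 'C:\pdk\Tenant-Shielded.pdk' `
                      -Owner $owner `
                      -Guardian $fabric `
                      -VolumeIDQualifier $vsc `
                      -WindowsUnattendFile 'C:\pdk\unattend.xml' `
                      -Policy Shielded
```

The resulting .pdk is what the tenant uploads to the fabric. Because it is encrypted to the owner and fabric guardians, the fabric administrator who consumes it during provisioning cannot read the answer file or swap the template disk, which is exactly the assurance the paragraph above describes.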

The following figure shows the shielding data file and related configuration elements.

Figure: Shielding data file

What are the types of virtual machines that a guarded fabric can run?

Guarded fabrics are capable of running VMs in one of three possible ways:

  1. A normal VM offering no protections above and beyond previous versions of Hyper-V
  2. An encryption-supported VM whose protections can be configured by a fabric admin
  3. A shielded VM whose protections are all switched on and cannot be disabled by a fabric admin

Encryption-supported VMs are intended for use where the fabric administrators are fully trusted. For example, an enterprise might deploy a guarded fabric in order to ensure VM disks are encrypted at rest for compliance purposes. Fabric administrators can continue to use convenient management features, such as VM console connections, PowerShell Direct, and other day-to-day management and troubleshooting tools.

Shielded VMs are intended for use in fabrics where the data and state of the VM must be protected from both fabric administrators and untrusted software that might be running on the Hyper-V hosts. For example, shielded VMs will never permit a VM console connection, whereas a fabric administrator can turn this protection on or off for encryption-supported VMs.

The following table summarizes the differences between encryption-supported and shielded VMs.

| Capability | Generation 2 Encryption Supported | Generation 2 Shielded |
| --- | --- | --- |
| Secure Boot | Yes, required but configurable | Yes, required and enforced |
| vTPM | Yes, required but configurable | Yes, required and enforced |
| Encrypt VM state and live migration traffic | Yes, required but configurable | Yes, required and enforced |
| Integration components | Configurable by fabric admin | Certain integration components blocked (e.g. data exchange, PowerShell Direct) |
| Virtual Machine Connection (Console), HID devices (e.g. keyboard, mouse) | On, cannot be disabled | Enabled on hosts beginning with Windows Server version 1803; disabled on earlier hosts |
| COM/Serial ports | Supported | Disabled (cannot be enabled) |
| Attach a debugger (to the VM process) [1] | Supported | Disabled (cannot be enabled) |

[1] Traditional debuggers that attach directly to a process, such as WinDbg.exe, are blocked for shielded VMs because the VM's worker process (VMWP.exe) runs as a protected process light (PPL). Alternative debugging techniques, such as those used by LiveKd.exe, are not blocked. Unlike shielded VMs, the worker process for encryption-supported VMs does not run as a PPL, so traditional debuggers like WinDbg.exe continue to function normally.

Both shielded VMs and encryption-supported VMs continue to support commonplace fabric management capabilities, such as Live Migration, Hyper-V Replica, VM checkpoints, and so on.
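The three classes in the table are visible from the host through the VM's security settings, and the difference between "configurable" and "enforced" is the Shielded flag. The following PowerShell is an added example, not code from the article or from Microsoft's samples, that classifies every VM on a Hyper-V host. The rule it applies is an assumption for this illustration: Hyper-V has no single "encryption supported" flag, so a VM that is not shielded but has a vTPM or encrypted state/migration traffic is reported as encryption-supported, and everything else as normal.

```powershell
# Added example (not from the original article). Run on a Hyper-V host with the Hyper-V module.
# The classification rule below is an assumption for this illustration, not a Hyper-V API concept.
function Get-VMProtectionClass {
    param([string]$VMName = '*')

    foreach ($vm in Get-VM -Name $VMName) {
        $sec = Get-VMSecurity -VM $vm

        $class = if ($sec.Shielded) {
            'Shielded'                      # all protections on; fabric admin cannot turn them off
        } elseif ($sec.TpmEnabled -or $sec.EncryptStateAndVmMigrationTraffic) {
            'EncryptionSupported'           # protections present but configurable by the fabric admin
        } else {
            'Normal'                        # nothing beyond a classic Hyper-V VM
        }

        # Get-VMFirmware only applies to generation 2 VMs; a generation 1 VM yields no Secure Boot value.
        $fw = Get-VMFirmware -VM $vm -ErrorAction SilentlyContinue

        [pscustomobject]@{
            Name                 = $vm.Name
            Generation           = $vm.Generation
            Class                = $class
            SecureBoot           = $fw.SecureBoot
            vTPM                 = $sec.TpmEnabled
            EncryptStateAndLM    = $sec.EncryptStateAndVmMigrationTraffic
        }
    }
}

# Report the whole host; a Shielded row with Generation 1 would indicate an inconsistent configuration.
Get-VMProtectionClass | Sort-Object Class, Name | Format-Table -AutoSize
```

On a guarded host this listing is a quick way to confirm that the VMs a tenant delivered as shielded really carry the enforced settings, rather than the configurable encryption-supported subset.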

The Host Guardian Service in action: How a shielded VM is powered on

Figure: Shielding data file

  1. VM01 is powered on.

    Before a guarded host can power on a shielded VM, it must first be affirmatively attested that it is healthy. To prove it is healthy, it must present a certificate of health to the Key Protection Service (KPS). The certificate of health is obtained through the attestation process.

  2. Host requests attestation.

    The guarded host requests attestation. The mode of attestation is dictated by the Host Guardian Service:

    TPM-trusted attestation: the Hyper-V host sends information that includes:

    - TPM-identifying information (its endorsement key)
    - Information about processes that were started during the most recent boot sequence (the TCG log)
    - Information about the Code Integrity (CI) policy that was applied on the host.

    Attestation happens when the host starts and every 8 hours thereafter. If for some reason a host doesn't have an attestation certificate when a VM tries to start, this also triggers attestation.

    Host key attestation: the Hyper-V host sends the public half of the key pair. HGS validates that the host key is registered.

    Admin-trusted attestation: the Hyper-V host sends a Kerberos ticket, which identifies the security groups that the host is in. HGS validates that the host belongs to a security group that was configured earlier by the trusted HGS admin.

  3. Attestation succeeds (or fails).

    The attestation mode determines which checks are needed to successfully attest that the host is healthy. With TPM-trusted attestation, the host's TPM identity, boot measurements, and code integrity policy are validated. With host key attestation, only registration of the host key is validated.

  4. Attestation certificate sent to host.

    Assuming attestation was successful, a health certificate is sent to the host and the host is considered "guarded" (authorized to run shielded VMs). The host uses the health certificate to authorize the Key Protection Service to securely release the keys needed to work with shielded VMs.

  5. Host requests VM key.

    Guarded hosts do not have the keys needed to power on a shielded VM (VM01 in this case). To obtain the necessary keys, the guarded host must provide the following to KPS:

    • The current health certificate
    • An encrypted secret (a Key Protector or KP) that contains the keys necessary to power on VM01. The secret is encrypted using other keys that only KPS knows.

  6. Release of key.

    KPS examines the health certificate to determine its validity. The certificate must not have expired, and KPS must trust the attestation service that issued it.

  7. Key is returned to host.

    If the health certificate is valid, KPS attempts to decrypt the secret and securely return the keys needed to power on the VM. Note that the keys are encrypted to the guarded host's VBS.

  8. Host powers on VM01.
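When step 8 does not happen, the cause is almost always in steps 2 to 4 (the host is not guarded, or its health certificate has expired) or in step 5 (the VM has no Key Protector because it was never shielded). The following PowerShell is an added example, not code from the article or from Microsoft's samples, that checks those preconditions from the Hyper-V host before a start attempt. The property names read from Get-HgsClientConfiguration are assumed from that cmdlet's output; VM01 and the interpretation of the status values are placeholders for this illustration.

```powershell
# Added example (not from the original article). Run on the guarded Hyper-V host as an administrator.
# VM01 and the meaning attached to the status values are assumptions for this illustration.
function Test-GuardedHostReadiness {
    param([string]$VMName)

    # Steps 2-4: the host's cached attestation state and the HGS endpoints it talks to.
    $cfg = Get-HgsClientConfiguration
    $result = [ordered]@{
        AttestationServerUrl   = $cfg.AttestationServerUrl
        KeyProtectionServerUrl = $cfg.KeyProtectionServerUrl
        AttestationMode        = $cfg.AttestationOperationMode   # e.g. Tpm or HostKey
        AttestationStatus      = $cfg.AttestationStatus          # e.g. Passed, Expired, NotConfigured
        AttestationSubstatus   = $cfg.AttestationSubstatus       # reason detail when not Passed
        IsHostGuarded          = $cfg.IsHostGuarded              # holds a valid health certificate
    }

    if ($VMName) {
        # Step 5: the Key Protector is the encrypted secret the host presents to KPS. Get-VMKeyProtector
        # returns raw bytes; an empty result means the VM was never given a KP and KPS has nothing to release.
        $kp = Get-VMKeyProtector -VMName $VMName
        $result.HasKeyProtector = ($null -ne $kp -and $kp.Length -gt 0)
        $result.IsShielded      = (Get-VMSecurity -VMName $VMName).Shielded
    }

    [pscustomobject]$result
}

$readiness = Test-GuardedHostReadiness -VMName 'VM01'
$readiness | Format-List

if (-not $readiness.IsHostGuarded) {
    # Attestation failed, expired, or never ran: the built-in diagnostics report which check in step 3
    # (TPM identity, boot measurements, CI policy, or host key registration) did not pass.
    Get-HgsTrace -RunDiagnostics -Detailed
}
```

Because attestation is renewed every 8 hours and is also triggered by a VM start when no certificate is cached, an Expired status is not by itself a fault; a status that stays failed after a start attempt, together with the diagnostics output, is what points to a mismatch between the host and what HGS was told to trust.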

Guarded fabric and shielded VM glossary

| Term | Definition |
| --- | --- |
| Host Guardian Service (HGS) | A Windows Server role that is installed on a secured cluster of bare-metal servers and that is able to measure the health of a Hyper-V host and release keys to healthy Hyper-V hosts when powering on or live migrating shielded VMs. These two capabilities are fundamental to a shielded VM solution and are referred to as the Attestation service and the Key Protection Service respectively. |
| guarded host | A Hyper-V host on which shielded VMs can run. A host can only be considered guarded when it has been deemed healthy by the HGS Attestation service. Shielded VMs cannot be powered on or live migrated to a Hyper-V host that has not yet attested or that failed attestation. |
| guarded fabric | The collective term used to describe a fabric of Hyper-V hosts and their Host Guardian Service that has the ability to manage and run shielded VMs. |
| shielded virtual machine (VM) | A virtual machine that can only run on guarded hosts and is protected from inspection, tampering and theft by malicious fabric admins and host malware. |
| fabric administrator | A public or private cloud administrator who can manage virtual machines. In the context of a guarded fabric, a fabric administrator does not have access to shielded VMs, or to the policies that determine which hosts shielded VMs can run on. |
| HGS administrator | A trusted administrator in the public or private cloud who has the authority to manage the policies and cryptographic material for guarded hosts, that is, hosts on which a shielded VM can run. |
| provisioning data file or shielding data file (PDK file) | An encrypted file that a tenant or user creates to hold important VM configuration information and to protect that information from access by others. For example, a shielding data file can contain the password that will be assigned to the local Administrator account when the VM is created. |
| Virtualization-based Security (VBS) | A Hyper-V based processing and storage environment that is protected from administrators. Virtual Secure Mode provides the system with the ability to store operating system keys that are not visible to an operating system administrator. |
| virtual TPM | A virtualized version of a Trusted Platform Module (TPM). Beginning with Hyper-V in Windows Server 2016, you can provide a virtual TPM 2.0 device so that virtual machines can be encrypted, just as a physical TPM allows a physical machine to be encrypted. |

See also