摘要
Since the guarantee of trustiness is considered inadequate in traditional software development methods,software developed using these methods lacks effective measures for ensuring its trustiness.Combining agent technique with the support of trusted computing provided by TPM,a trust-shell-based constitution model of trusted software(TSCMTS)is demonstrated,trust shell ensures the trustiness of software logically.The concept of Trust Engine is proposed,which extends the "chain of trust" of TCG into application,and cooperates with TPM to perform integrity measurement for software entity to ensure the static trustiness;Data Structure called trust view is defined to represent the characteristic of software behavior.For the purpose of improving the accuracy of trustiness constraints,a strategy for determining the weights of characteristic attributes based on information entropy is proposed.Simulation experiments illustrate that the trustiness of software developed by the TSCMTS is improved effectively without performance degradation.
Since the guarantee of trustiness is consid-ered inadequate in traditional software development methods, software developed using these methods lacks effective measures for ensuring its trustiness. Combining agent technique with the support of trus-ted computing provided by TPM, a trust-shell-based constitution model of trusted software (TSCMTS) is demonstrated, trust shell ensures the trustiness of software logically. The concept of Trust Engine is proposed, which extends the ' chain of trust' of TCG into application, and cooperates with TPM to perform integrity measurement for software entity to ensure the static trustiness; Data Structure called trust view is defined to represent the characteristic of software behavior. For the purpose of improving the accuracy of trustiness constraints, a strategy for determining the weights of characteristic attributes based on information entropy is proposed. Simulation experiments illustrate that the trustiness of software developed by the TSCMTS is improved effectively without performance degradation.
基金
National Natural Science Foundation of China under Grant No. 60873203
Foundation of Key Laboratory of Aerospace Information Security and Trusted Computing Ministry of Education under Grant No. AISTC2009_03
Hebei National Funds for Distinguished Young Scientists under Grant No. F2010000317
National Science Foundation of Hebei Province under Grant No. F2010000319