摘要
安全涉及系统保护与策略符合性两层意义.目前TCG尽管已经发布了可信计算的相关标准,但是缺乏标准符合性验证的规范.将一种验证TPM命令标准符合性的机制引入到可信计算应用程序之中,在TPM执行功能之前检验其相关命令的标准一致性;同时,还进一步讨论了标准符合链的思想,通过确保每个组件的标准符合性来加强整个计算平台的安全性.
Security involves both protection and compliance. Although the Trusted Computing Group (TCG) has defined specifications for Trusted Computing, including those of Trusted Platform Module (TPM), criteria on compliance testing is still not available. In this paper, a test mechanism checking TPM commands is instrumented into TPM applications, which will validate TPM's conformance to specifications before its functional execution. Based on this, the initial idea of a chain of compliance is also discussed to enhance the trustworthiness of computing platforms by verifying the conformance of their components.
出处
《中国科学院研究生院学报》
CAS
CSCD
2008年第5期649-656,共8页
Journal of the Graduate School of the Chinese Academy of Sciences
基金
National 863 High-Tech Research Development Program of China (2007AA01Z414)
National Natural Science Foundation of China(60373054,60703103,60703102)
关键词
可信计算组织
可信平台模块
标准符合性测试
标准符合链
Trusted Computing Group (TCG), Trusted Platform Module (TPM), compliance test,chain of compliance