期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

SmartMK:基于TPM的可信多内核操作系统架构 被引量:1

SmartMK:TPM-based Trusted Multi-Kernel Operating System Architecture
原文传递
导出
摘要 提出了一个多内核架构SmartMK来支撑不同安全等级和类别的应用。基于TPM和新的CPU安全技术,实现了多内核之间的强隔离与安全通信机制,以软硬件协同保护的方式实现安全的操作系统运行环境。在SmartMK架构上提出了分层次的强制访问控制方模型,进一步降低复杂环境中的访问控制复杂度。性能测试和实际应用都表明,SmartMK能够有效加强系统的安全性,同时很好地保证了系统的运行效率。 The emergence of general security hardware provides operating system and electronic equipment with a hardware-based security protection, but there were few studies about using the hardware to provide system-level security protection directly. A multi kernel structure SmartMK was proposed to support applications of different security levels and different types; based on the trusted platform module(TPM) and the new CPU security technology, the strong separation and secure communications rneehanisms between multi-kernel were realized and the security of the operating system operating environment was achieved by the hardware and software together. A mandatory access control model was offered to the SmartMK reduce the complexity of access control. Performance testing and application of SmartMK showed that it can effectively strengthen the system security while guaranteeing the system' s efficiency.
作者 陈文智 黄炜
机构地区 浙江大学计算机学院
出处 《武汉大学学报(信息科学版)》 EI CSCD 北大核心 2008年第10期1034-1037,共4页 Geomatics and Information Science of Wuhan University
基金 国家973计划资助项目(2007CB310900) 国家基础科研资助项目(A142008190)
关键词 TPM 多内核 可信操作系统 分层次强制访问控制 可信计算基 TPM multi-kernel trusted operating system layered mandatory access control trusted computing base
分类号 TP316 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献8

  • 1Popescu C B, Crispo B, Tanenbaum S A. Support for Multi-level Security Policies in DRM Architectures[C]. The 2004 Workshop on NSP, Nova Scotia, Canada, 2004
  • 2Greve D, Wilding M, Vanfleet W M. A Separation Kernel Formal Security Policy[C].ACL2 Workshop, Boulder, Colorado, 2003
  • 3Levin T E, Irvine C E, Nguyen T D. A Least Privilege Model for Static Separation Kernels[EB/OL]. http://cisr, nps. edu/- downloads/nps _ es-_05_003. pdf, 2007
  • 4Yodaiken V, Barabanov M. A Real-Time Linux [J]. LinuxJournal, 1997, 3(4) :19-23
  • 5Trusted Computing Group. Trusted Platform Module Main Specification. Version 1. 2[EB/OL]. http://www. trustedcomputinggroup. org/groups/tpm/, 2008
  • 6Intel Corporation. Trusted Execution Technology Preliminary Architecture Specification and Enabling Considerations[EB/OL]. http://download. intel. com/technology/security/downloads/315168. pdf, 2007
  • 7Sailer R, Zhang Xiaolan, Jaeger T. Design and Implementation of a TCG -based Integrity Measurement Architecturer[C]. The 13th Conference on USENIX Security Symposium, CA, USA 2004
  • 8MeCune J M, Parno B, Perrig A, et al. An Execution Infrastructure for TCB Minimization[J]. ACM SIGOPS Operating Systems Review, 2008, 42(4): 315-328

同被引文献9

引证文献1

武汉大学学报(信息科学版)
2008年 第10期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部