
A fully distributed method to detect clone TPM based on Chord
Abstract: To address the difficulty of detecting a clone trusted platform module (TPM) in the direct anonymous attestation (DAA) protocol when a variable basename is used, the paper proposes a fully distributed, Chord-based method for detecting clone TPMs that preserves a high degree of TPM anonymity. By mapping the TPMs that access a service onto the Chord overlay, clone TPMs can be detected efficiently without the participation of a trusted third party (TTP). The performance of this approach and of existing proposals was analyzed and simulated under a model in which TPM accesses follow a Poisson distribution and service time follows a negative exponential distribution. The results show that the proposed method has a high detection rate and a zero false alarm rate. The idea behind the scheme can be deployed in fully distributed systems based on a distributed hash table (DHT) without additional overhead.
Source: Chinese High Technology Letters (高技术通讯), indexed in EI, CAS, CSCD and the PKU Core list; 2008, No. 11, pp. 1112-1116 (5 pages)
Funding: 863 Program (2005AA145110 and 2006AA01Z436); Shanghai Pudong new medical science and technology innovation public service platform (PDPT2005-04)
Keywords: clone trusted platform module (TPM), trusted computing, direct anonymous attestation, Chord, pseudonym
