摘要
在基于角色的信任管理框架RT中,由于可以依赖实体的属性授权,所以它是一种适用于大规模、分布式环境,为陌生双方动态地建立信任关系的有效方法,但它在授权时只考虑了实体本身的属性,没有考虑实体所依赖的平台运行环境的可信性,而一个"不可信"的平台显然会对系统安全构成威胁,本文提出了一种搭建在可信计算平台之上的基于角色的信任管理系统RTMTCP,从证书、安全策略、一致性验证等方面具体阐述了如何将RT与可信计算平台有机地结合起来,从根本上提高信任管理系统的可信性、自主性和安全性,最后通过实例对RTMTCP的使用进行了具体说明.
In Role-Based Trust Management Framework (RT), entities may be authorized according to their properties, so it is an effective way to build the trust relationships dynamically for the unfamiliar in large open distributed environment. However, RT only considers the properties of entities ignoring the states of platforms on which they are operating as making authorization decision, and an "irresponsible" platform may pose threat to the system security. To address the problem, this paper presents a Role-Based Trust Management on Trusted Computing Platform, called RTMTCP. We discuss the credentials, security policy and compliance checking in RTMTCP, and illuminate the usage of RTMTCP through a typical example.
出处
《北京交通大学学报》
CAS
CSCD
北大核心
2009年第2期11-16,共6页
JOURNAL OF BEIJING JIAOTONG UNIVERSITY
基金
国家“863计划”项目资助(2007AA01Z410)
国家“973”重点基础研究发展计划项目资助(2007CB307101)
国家自然科学基金资助项目(60573043)
北京交通大学科技基金项目资助(2008RC021)
