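Abstract
To take full advantage of the non-local storage characteristic of computers in the server-side storage model, this paper proposes a trusted computing model suited to server-side storage. By turning the original trusted platform module hardware into a logical software module on the server, the model not only lowers the difficulty of implementing a trusted computing model but also improves its flexibility and extensibility. The model also builds a complete chain of trust starting from the boot stage of the client system, which ensures the security of the trusted computing platform. Results from the prototype implementation show that, because the trust measurement of every client in the system is completed on the server, the server can set security policies covering the whole local area network, thereby achieving genuine LAN-wide network trust.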
A trusted computing model was developed for the non-local-storage characteristics of the server-end storage computer architecture. The model achieves high flexibility and scalability by replacing the original trusted platform module (TPM) hardware with a software module implemented on the server. The model ensures the security of the computing platform by establishing a complete trust chain from the beginning of the boot stage of the client operating system. Implementation of a prototype system shows that since the server measures the trust of all clients, a security strategy can be formulated to implement real trustworthiness on the entire local area network.
Source
Journal of Tsinghua University (Science and Technology)
EI
CAS
CSCD
Peking University Core Journals
2009, Issue 7, pp. 1012-1014, 1018 (4 pages)
Funding
Supported by the National Natural Science Foundation of China (60673065)
Keywords
security
trusted computing
trusted platform module (TPM)
transitive trust