期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

可信计算平台委托机制的分析与改进

Analysis and Improvement of Delegation Mechanism in a Trusted Computing Platform
原文传递
导出
摘要 针对TCG委托机制中存在的使用已失效的委托信息仍能获得TPM服务的安全问题,提出了一种基于m叉哈希树MHT的委托方案。MHT存储在平台中,叶节点记录当前有效委托的哈希值,子节点连接后计算哈希值构成父节点,如此递归产生根节点存储在TPM中。创建或撤销委托时,添加或删除MHT相应的叶节点,同步更新MHT内部节点直到根节点;执行委托时,查询MHT,判断委托当前是否合法有效,避免TPM中的资源被非法利用。实验结果表明,新的委托方案具有更高的安全性,且容易实现。 This paper analyzes the principles and security problems of delegation mechanism in the V1.2 specification of TPM,and proposes a new delegation scheme.In this scheme,a merkle hash tree(MHT) has been maintained,each leaf of which records a hash of a delegation blob and the root resides in TPM.Based on the MHT,the protocols of delegation mechanism were improved.The MHT has been updated synchronously in the creation and revocation protocol and been queried to judge whether the delegation blob is valid currently in execution protocol.The results indicate that the new delegation mechanism is feasible and the reliability and security of delegation model have been improved by means of this new scheme.
作者 黄宁玉 张兴
机构地区 北京工业大学计算机学院可信计算实验室
出处 《武汉大学学报(信息科学版)》 EI CSCD 北大核心 2010年第5期599-602,共4页 Geomatics and Information Science of Wuhan University
基金 国家863计划资助项目(2006AA01Z202) 国家973计划资助项目(2003CB317003) 香港城市大学应用研究与发展基金资助项目(9668009)
关键词 可信计算 委托 授权数据 哈希树 trusted computing delegation authorization data MHT
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献13

  • 1Zhang Xinwen, Sejong O, Sandhu R. PBDM: A Flexible Delegation Model in RBAC[C]//Ferrari E, Ferraiolo D. New York: ACM Press, 2003: 149-157.
  • 2Barka E, Sandhu R. A Role-based Delegation Model and Some Extensions[OL]. http://www, list. gmu. edu/confrnc/nissc/rbdm00, pdf.2000.
  • 3Barka E, Sandhu R. Framework for Role-Based Delegation Models[C].The 16th Annual Computer Security Application Conf, New Orleans, 2000.
  • 4Jerome H, Michael D. The Protection of Information in Computer Systems[C]. IEEE, 1975,63(9): 1 278-1 308.
  • 5Trusted Computing Group. TPM Main Part 1 Design Principles Specification Version 1. 2[OL].http://www, trustedcomputinggroup, org/resources/ tpm_main_speeification/mainP1DPrevl03, zip, 2007.
  • 6Trusted Computing Group. TPM Main Part 2 TPM Structures Specification Version 1.2[OL]. http:// www. trustedcomputinggroup, org/files/resource_files/8D3D6571-1D09-3519-AD22 EA2911D4E9D0/ mainP2Structrev103, pdf, 2006.
  • 7Trusted Computing Group. TPM Main Part 3 Commands Specification Version 1. 2[OL]. http :// www. trustedcomputinggroup, org/files/static_page(iles/ACD28F6C-1D09-3519-AD210DC2597F1E4 C/mainP3Commandsrev103. pdf,2006.
  • 8Trusted Computing Group. TCG Software Stack Specification Version 1. 2 Level 1 Errata A[OL]. http://www. trustedcomputinggroup, org/files/resource_ files/6479CD77-1D09-3519-AD89EADIBC8 C97 F0/TSS 1 _2_Errata_A- final.pdf.2007.
  • 9Zhang Xing, Zhang Xiaofei, Shen Changxiang. A New Authorization Protocol for Trusted Computing[C].The 1st International Symposium on Data, Privacy and E-Commerce, Washington D C, USA, 2007.
  • 10张晓菲.可信计算平台模型及若干关键技术研究[D].北京:中国科学研究院,2007.

共引文献3

武汉大学学报(信息科学版)
2010年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部