基于可信计算的动态组件属性认证协议

Protocol for dynamic component-property attestation in trusted computing

下载PDF

导出

摘要远程认证是可信计算平台的一种重要功能,二进制方法和基于属性证书的认证是其两种认证方法。属性认证能隐藏平台软件和硬件的配置信息,是静态的,不能动态验证现在正在运行的平台的实时信息。结合这两种方法的优点,提出了一种基于动态组件属性的认证协议,将二进制认证、属性认证和组件认证结合到该协议中。对协议进行了详细的说明和安全性分析,实验结果表明,该认证方法是有效的、保密的和可行的。 Remote attestation is one ofthe important functionalities oftmsted computing. Binary attestation and property-based attestation are two methods of authentication. Property-based attestation can conceal information about the configuration of a platform hardware and software or application, which is static and cannot get dynamic properties that represent runtime properties. A new method is proposed, which combines both approaches into a dynamic component-property attestation protocol, a protocol for remote attestation is demonstrated in detail, and its security is analyzed. The experimental result shows that the scheme improve the efficiency and credibility of remote attestation.

作者闫建红彭新光

机构地区太原理工大学计算机软件学院太原师范学院计算机系

出处《计算机工程与设计》 CSCD 北大核心 2011年第2期493-496,共4页 Computer Engineering and Design

基金山西省自然科学基金项目(2009011022-2) 山西省留学基金项目(2009-28)

关键词存储测量日志基于属性远程认证动态组件属性认证可信计算 store d measurement log property-based remote attestation DCPA trusted computing

分类号 TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献8

1Trusted Computing Group.TCG Specification architecture over- view specification revision 1.2 [EB/OL]. http://www.trusted- computinggroup.org/In Mar,2010.
2Trusted Computing Group. TCG Specification Architecture Overview[S].USA:Trusted Computing Group,2007:5-40.
3Stumpf F, Tafreschi O, Roder P, et al.A robust integrity reporting protocol for remote attestation[C].Tokyo,Japan:Second Work- shop on Advances in Trusted Computing (WATC 2006 Fall), 2006.
4Huang Xin,Peng Yuxing.An effective approach for remote attes- tation in trusted computing[C].Nanchang,China:Proceedings of the 2009 International Symposium on Web Information Systems and Applications,2009:80-83.
5AhmadReza S,Christian.Property-based attestation for compu- ting platforms:Caring about properties,not mechanisms[C].Pro- ceedings of the 2004 Workshop on New Security Paradigms. USA:ACM,2004:67-77.
6Chen LiQun,Rainer Landfermann,Markus Rohe,et al.A protocol for property-based attestation[C].Proceedings of the first ACM Workshop on Scalable Trusted Computing. Alexandria. USA: ACM,2006:7-16.
7Haldar V.Semantic remote attestation[D].University of Califor- nia,2006.
8秦宇,冯登国.基于组件属性的远程证明[J].软件学报,2009,20(6):1625-1641. 被引量：33

二级参考文献15

1TCG Group. TPM main part l, design principles specification. Version 1.2. 2003. https://www.trustedcomputinggroup.org/home.
2TCG Group. TCG architecture overview specification. 2004. https://www.trustedcomputinggroup.org/home.
3TCG Group. TCG software stack (TSS) specification. Version 1.10. 2003. https://www.trustedcomputinggroup.org.
4Sailer R, Zhang XL, Jaeger T, Doom LV. Design and implementation of a TCG-based integrity measurement architecture. In: Proc. of the 13th Usenix Security Symp. San Diego: Usenix Press, 2004. 16-16.
5Smith S. Trusted Computing Platforms--Design and Applications. New York: Springer-Verlag, 2005. 193-194.
6Seshadri A, Perrig A, Doom LV, Khosla P. SWATT: Software-Based attestation for embedded devices. In: Proc. of the IEEE Security & Privacy Conf. Oakland: IEEE Press, 2004. 272-282.
7Garfinkel T, Rosenblum M, Boneh D. Flexible OS support and applications for trusted computing. In: Proc. of the 9th Workshop on Hot Topics in, Operating Systems (HotOS IX). Hawaii: Usenix Association, 2003.25-25.
8Haldar V, Chandra D, Franz M. Semantic remote attestation: A virtual machine directed approach to trusted computing. In: Proc. of the USENIX Virtual Machine Research and Technology Syrup. San Jose: Usenix Press, 2004.29-41.
9Poritz J, Schunter M, Herreweghen EV, Waidner M. Property attestation--Scalable and privacy-friendly security assessment of peer computers. IBM Research Report, RZ 3548, 2004.
10Sadeghi A, St(ible C. Property-Based attestation for computing platforms: Caring about properties, not mechanisms. In: Proc. of the New Security Paradigms Workshop. Nova Scotia: ACM Press, 2004. 67-77.

共引文献32

1闫建红.基于可信计算的远程认证研究[J].科技情报开发与经济,2009,19(33):72-74.
2谭良,刘震,周明天.TCG架构下的证明问题研究及进展[J].电子学报,2010,38(5):1105-1112. 被引量：7
3吴开贵,朱来雪.一种面向方面的软件组件监控模型[J].计算机系统应用,2011,20(4):109-113.
4冯登国,秦宇,汪丹,初晓博.可信计算技术研究[J].计算机研究与发展,2011,48(8):1332-1349. 被引量：114
5锁琰,徐小岩,张毓森,张涛,桂荆京,杨莉,乐康.支持组件动态更新的远程证明[J].西安电子科技大学学报,2011,38(4):11-19. 被引量：2
6施光源,张建标.可信计算领域中可信证明的研究与进展[J].计算机应用研究,2011,28(12):4414-4419. 被引量：9
7王海艳,徐明明.基于双线性映射和属性证书的远程证明方案[J].计算机技术与发展,2012,22(1):233-237. 被引量：3
8杨德礼,王红新.基于属性封印的可信传输协议设计[J].计算机工程与设计,2012,33(1):88-91. 被引量：1
9彭新光,王晓阳.可信计算中的远程认证体系[J].太原理工大学学报,2012,43(3):334-338. 被引量：4
10岳笑含,周福才,孙玮.一种基于BB+签名的PBA方案[J].计算机科学,2012,39(8):26-30.

1闫建红.基于可信计算的远程认证研究[J].科技情报开发与经济,2009,19(33):72-74.
2彭云,郭亚军.自动信任协商[J].武汉生物工程学院学报,2009,0(3):188-191.
3杜芸芸,解福,牛冰茹.基于远程证明的云计算认证问题研究[J].计算机应用与软件,2014,31(3):304-307. 被引量：5
4邬可可,李慧云,于峰崎.可防御侧信道攻击的高效椭圆曲线标量乘方法[J].高技术通讯,2011,21(5):495-502.
5胡荣磊,李然,李兆斌,方勇.基于可信计算的Ad hoc网络认证方案[J].计算机工程,2010,36(12):146-148. 被引量：2
6袁芳.十进制转换成二进制方法的探索与研究[J].科技信息,2009(13):56-56. 被引量：2
7魏江宏,刘文芬,胡学先.标准模型下可证安全的属性基认证密钥交换协议[J].软件学报,2014,25(10):2397-2408. 被引量：4
8赵新昱,郭兵兵,陈文伟.COM组件属性、方法的自动提取和调度[J].计算机工程,2000,26(11):12-13. 被引量：11
9白杰.暑假这里来消遣一起做个绿红蓝三色渐变按钮[J].少年电世界,2003(8):63-64.
10晏敏,赵芳,卢伟萍,赵荣英,杨晴.如何在APS+SQL中实现文件的上传和查看[J].广西气象,2006,27(A01):132-133.

计算机工程与设计

2011年第2期

浏览历史

内容加载中请稍等...

基于可信计算的动态组件属性认证协议

参考文献8

二级参考文献15

共引文献32

相关作者

相关机构

相关主题

浏览历史