摘要
在分布式环境中如何在实体之间建立信任关系一直是信息安全领域研究的热点问题,远程证明为解决该问题提供了一种新的研究方向。远程证明是可信计算中非常重要的特性,利用可信远程证明方法能够在实体之间建立起信任关系。但是,二进制等静态远程证明方法对于计算平台的可信性证明存在明显不足,在建立信任关系时不能够提供充分的证据。主要研究基于行为证明方法在实体之间如何建立可信关系的问题。因此,利用基于行为的远程证明方法对计算机平台可信性进行证明,该方法能够为建立信任关系提供更加准确的经验结果。在证明过程中存在一些不确定因素,这些不确定因素将影响信任关系的建立以及评估。利用主观逻辑对信任关系进行了度量,建立了TMBA动态可信模型,该模型能够在基于行为证明所获得的经验的基础上,通过考虑过去经验以及现有经验分析信任关系的动态性,并且将信任关系中的信任度用主观逻辑的观点来表示。最后给出根据TMBA对信任观点进行计算的方法。
In a distributed computing environment how to establish a trust relationship between entities has been a hot issues for information security, and remote attestation provides a new research direction for solving the issues. Remote attestation is an important feature of trusted computing, and entities can establish trust relationship by using the remote attestation. However, some static remote attestation methods such as binary based attestation are obviously inadequate to attest the trustworthiness of computing platform. They don't provide sufficient evidence in establishing trust relationship. Therefore, this paper used behavior-based attestation method to prove the trustworthiness of computing platform. This method can provide more accurate empirical results for establishing trust relationship. In additional, there are some uncertainties in behavior-based attestation,and these uncertainties will affect the establishment and evaluation of trust relationship. This paper used subjective logic to measure the trust relationship and build the dynamic trust model TMBA. This model can analyse dynamics of trust relationship by considering the past and present empirical results which are collected from behavior-based attestation, and represent the trust degree with the trust point in subjective logic. Finally, the method for calculation of the trust point was given.
出处
《计算机科学》
CSCD
北大核心
2012年第3期54-61,共8页
Computer Science
基金
国家高技术研究与发展计划(863计划)(2009AA012437)
国家重点基础研究发展计划(973计划)(2007CB311100)
中国博士后科学基金(20100480173)资助
关键词
可信计算
远程证明
信任关系
可信模型
Trusted computing,Remote attestation,Trust relationship, Trust model
