
Dynamic Integrity of Programs: Model and Method (cited by: 3)

Dynamical Integrity of Codes: Model and Method
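Abstract (translated from the Chinese): In information security and trusted computing, the dynamic integrity of programs is an important problem. In open, loosely coupled environments such as wireless sensor networks and cloud computing platforms, the question of how to measure the dynamic integrity of program behavior is especially prominent. Neither hardware-based trusted computing technology nor code attestation technology solves the problem of dynamically measuring concrete behavior, partly because a model of dynamic integrity and a corresponding theory are lacking. To address this, starting from an analysis of the threats to the dynamic integrity of programs, the paper proposes a cryptography-based theoretical model of dynamic integrity that characterizes each element of the security of program dynamic integrity. Based on this model, it proposes a compiler-aided flow embedding method, gives an example of the method, and analyzes its security and efficiency. Finally, it discusses issues related to compiler support, solving part of the problems in the theory and methods of dynamic integrity.

Abstract (English, as published): In the research of information security and trusted computing, measuring the dynamic integrity of code under adversaries' attacks is an important problem, especially in contexts such as wireless sensor networks and cloud computing. In open and loosely coupled systems, this issue is much more urgent. Hardware-based trusted computing technologies and (software-based) code attestation methods can successfully measure some static or code-oriented properties of a program, but fail to measure the integrity of certain behaviors during the execution of code. This situation is partially due to the lack of a proper theory of dynamic integrity, which can be changed with sound and precise concepts and models of measuring dynamic integrity. In this paper, we develop the concept of dynamic integrity after an analysis of attacks and of the model of measuring dynamic integrity, and use the idea of provable security from cryptography to give a formal notion of the concept. We also discuss its relationship with several other cryptographic primitives, such as message authentication code schemes and code obfuscation. Based on the model, a compiler-aided flow embedding method is proposed to achieve a weak form of dynamic integrity scheme, and its security and efficiency are analyzed under some reasonable assumptions. Finally, we discuss how to compile any program enhanced by a dynamic-integrity-measurable scheme, and issues concerning the compiling process.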
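Authors: 吴昊 (Wu Hao), 毋国庆 (Wu Guoqing)
Source: Journal of Computer Research and Development (《计算机研究与发展》), indexed in EI, CSCD and the Peking University Core Journals list; 2012, No. 9, pp. 1874-1882 (9 pages)
Funding: National Natural Science Foundation of China (90818018); Key Program of the National Natural Science Foundation of China (91118003)
Keywords: trusted software; model of dynamic integrity; program behavior; compiler-aided; code attestation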