摘要
针对可信计算平台在网络信息系统中的应用需求,提出了一种面向网络信息系统的TCP应用架构TCPAA。将该架构主要分为访问认证子系统和信息交互子系统两部分来进行设计。在访问认证子系统中,为了增强可信计算应用的灵活性,提出一种基于证明代理的可信验证机制PATAM,并对改进的访问认证模式进行了协议设计和流程说明。在信息交互子系统中,设计了内外网之间数据的可信传输流程,并提出了一种改进的金字塔可信评估模型PTAM。最后通过测试实验验证了该架构的良好性能。研究结果表明,该方案对于网络信息系统环境内可信计算平台的应用开发具有良好的通用性。
According to the application requirements of trusted computing platform in the network-oriented information system, a TCP application architecture TCPAA was proposed for the network-oriented information system. The archi- tecture was designed by dividing it into the access authentication subsystem and the information exchange subsystem two parts. In order to enhance the flexibility of trusted computing applications in the access authentication subsystem, a trust authentication mechanism PATAM based on proof agent was proposed in this paper, and an improved access au- thentication mode was proposed with a detailed description of its authentication protocol and application process. Beyond that, the trusted information transmission processes inside and outside were designed in the information exchange sub- system,and an improved pyramid trusted assessment model PTAM was proposed. Finally, the test experiments verify the good performance of the architecture. The results show that the application architecture has better support ability for the application development of trusted computing platform in the network-oriented information system environment.
出处
《计算机科学》
CSCD
北大核心
2015年第10期154-158,163,共6页
Computer Science
关键词
网络信息系统
可信计算平台
应用架构
可信验证机制
访问认证模式
金字塔可信评估模型
Network-oriented information system,Trusted computing platform, Application architecture, Trust authen-tication mechanism, Access authentication mode, Pyramid trusted assessment model
