摘要
为使计算机软件在一个可信的环境中运行,通过对Linux操作系统下的软件保护进行研究,提出一种基于USBKey的软件保护策略。结合USBKey内部强大的密码运算和安全存储能力,注入身份认证和可信计算思想。针对USBKey认证中的不足进行改进,引入基于盲化的身份认证方案,盲化因子的参与保证认证的新鲜度,防止重放攻击,对软件认证策略进行建模,从敌手攻击上说明这种策略存在的漏洞和缺陷,提出一种流系统模型,协议分析验证了该增强保护策略满足安全性需求。
To make sure computer software run in the trusted environment, through the software protection studied in the operating system of Linux, a strategy of software protection based on USBKey was proposes. USBKey internal strong cryptooperation and secure storage capacity were combined, and identity authentication and trusted computing were introduced. Aiming at solving the deficiency in USBKey certification, the identity authentication scheme based on the blind was introduced, due to the blind factors participated, the freshness of certification was guaranteed and the replay attack was prevented. This strategy of software certification was modeled and the loopholes and defects existing in the strategy were illustrated from the enemy attack view point. A flow system model was proposed. Analysis verifies that this strategy of software protection satisfies the needs of security.
出处
《计算机工程与设计》
北大核心
2017年第1期53-58,共6页
Computer Engineering and Design
