摘要
当前可信计算平台缺乏对自身运行时安全属性的监控,对此,提出一种针对嵌入式可信平台的运行时监控方法。通过自动化的代码插入和运行时实时监控,保证可信平台的运行时安全功能符合设计规范,并保证系统性能和运行状态符合特定条件约束,同时对相应的异常进行实时处理。实验结果表明,随着监控节点数的增长,监控的准确性和实时性提高,而监控开销和异常处理开销处于合理范围。
The state-of-art trusted computing platforms fall short of monitoring its own runtime security properties. In order to mitigate these problems, an approach on runtime monitoring for the embedded trusted platforms was proposed. With the automated code instrumentation and the runtime monitoring, that the runtime security functionalities were consistent with the design specifications of trusted computing platforms could be made sure. The system performance and states meet specific constraints could also be ensured. The runtime exceptions on the specific properties were handled in real-time. The experimental results show that with the increase on the number of monitoring nodes, the precision and real-time performance of proposed runtime monitoring increase. Meanwhile, the costs on the monitoring and the exception handling are moderate.
出处
《网络与信息安全学报》
2017年第10期44-51,共8页
Chinese Journal of Network and Information Security
基金
国家自然科学基金资助项目(No.61303033
No.U1405255)
国家高技术研究发展计划("863"计划)基金资助项目(No.2015AA017203)
陕西省自然科学基础研究计划基金资助项目(No.2016JM6034)
航空科学基金资助项目(No.20141931001)
工信部某专项科研基金资助项目(No.MJ-2014-S-37)~~
关键词
可信计算
运行时监控
嵌入式系统
线性时序逻辑
trusted computing, runtime verification, embedded system, linear temporal logic
