摘要
基于可信计算技术构建的抗恶意代码攻击安全结构框架以可信计算技术为基础,融合身份认证、授权访问控制、备份恢复以及审计等多种安全控制技术构成。可信安全模块是抗恶意代码攻击的根基,可信计算技术是抗恶意代码攻击的必要条件,各种安全控制技术使抗攻击效能最大化。该框架通过各种技术的配合,建立了抵抗恶意攻击的层层防线,并且在系统遭到破坏时能及时发现并进行恢复,不仅能防范已知恶意代码,而且能防范未知恶意代码。
Based on trusted computing technology,a security framework against malicious code attacks is constructed,it is composed of identity authentication,authorized access control,backup recovery,audit and other security control technologies.The trusted security module is the basis of anti-malicious code attacks,while the trusted computing technology is a necessary condition for anti-malicious code attacks.Various security control technologies can maximize the effectiveness of anti-attack.Through the cooperation of various technologies,the framework establishes layers of defense against malicious attacks,and can discover and recover in time when the system is damaged.It can prevent not only the known malicious code,but also the unknown malicious code.
作者
岳阳
康利刚
李理
王晓宇
YUE Yang;KANG Li-gang;LI Li;WANG Xiao-yu(Unit 91977 of PLA,Beijing 100841,China)
出处
《通信技术》
2020年第5期1250-1255,共6页
Communications Technology
关键词
信息安全
可信计算
可信计算平台
抗恶意代码攻击
结构框架
information security
trusted computing
trusted computing platform
anti-malicious code attack
framework
